From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 03:59:31 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF6FCE91 for ; Thu, 17 Jul 2014 03:59:31 +0000 (UTC) Received: from home.opsec.eu (home.opsec.eu [IPv6:2001:14f8:200::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6EF9F2598 for ; Thu, 17 Jul 2014 03:59:31 +0000 (UTC) Received: from pi by home.opsec.eu with local (Exim 4.82 (FreeBSD)) (envelope-from ) id 1X7cqs-000Bg3-7P; Thu, 17 Jul 2014 05:59:26 +0200 Date: Thu, 17 Jul 2014 05:59:26 +0200 From: Kurt Jaeger To: "Kristian K. Nielsen" Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <20140717035926.GB197@home.opsec.eu> References: <53C706C9.6090506@com.jkkn.dk> <53C70783.90105@com.jkkn.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <53C70783.90105@com.jkkn.dk> Cc: freebsd-current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 03:59:31 -0000 Hi! > * Should this or could this be a project for the foundation to either do > a summer project or funded project to bring this part of the OS up to date? My 2 cents: Yes, this should be tackled by a dedicated project, even better if funded by the foundation. -- pi@opsec.eu +49 171 3101372 6 years to go ! From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 05:30:31 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8FCA5C74 for ; Thu, 17 Jul 2014 05:30:31 +0000 (UTC) Received: from mail-lb0-x22f.google.com (mail-lb0-x22f.google.com [IPv6:2a00:1450:4010:c04::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 173832CCA for ; Thu, 17 Jul 2014 05:30:30 +0000 (UTC) Received: by mail-lb0-f175.google.com with SMTP id n15so1313289lbi.6 for ; Wed, 16 Jul 2014 22:30:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=aBhEt/ycKn5nnkjCcKFUatEIpMQgDmaR/UWfBdyEOl0=; b=CGV457kRItOJG3VtU+L2LpQGeXN5gS3R/dmcIMU5YSJwMUOhntn73HTqpGsWLG2kaK lB8d28U4l5Id+ccZUiCXnbxYgZt3qKttoRYCaqf5QKl8r4vIzyFwbqvWslCkoJDK94DN TPovjlLQi2nMJdyCUEUd4UGQ7icNe5ambGl/sgTr4KdqxaxTLF1WaJJl7afdTOhaXBqY 1qzBJ8Cw7Sl87IsbFU4x6lsLpTbgGeXlIsqPbVcwYEYJzALybGeb+90wZXGby073HraL F3qxg0ja8uyxUgQAIN6QF6AeEWjZDhKs2dE9QpRFh5Ns0bt2yVO8Lt+/gDDJqWusX31U ta1A== X-Received: by 10.112.202.39 with SMTP id kf7mr28483419lbc.37.1405575028378; Wed, 16 Jul 2014 22:30:28 -0700 (PDT) Received: from laptop.minsk.domain (m-s.agava.net. [195.222.84.203]) by mx.google.com with ESMTPSA id xt6sm576951lab.29.2014.07.16.22.30.25 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Wed, 16 Jul 2014 22:30:26 -0700 (PDT) Date: Thu, 17 Jul 2014 08:30:38 +0300 From: "Sergey V. Dyatko" To: freebsd-current@freebsd.org Subject: Re: USB 2.0 webcam in virtualbox on CURRENT not working! Message-ID: <20140717083038.22b850cd@laptop.minsk.domain> In-Reply-To: <53C6F160.7040000@selasky.org> References: <20140716132843.60e861a0@munin.walstatt.dyndns.org> <53C664AD.9030100@dat.pl> <53C6F160.7040000@selasky.org> X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.22; amd64-portbld-freebsd11.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 05:30:31 -0000 On Wed, 16 Jul 2014 23:40:48 +0200 Hans Petter Selasky wrote: > On 07/16/14 13:40, Maciej Milewski wrote: > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 16.07.2014 13:28, O. Hartmann wrote: > >> I desperately need to have a SKYPE based chat with an offshore > >> department. Since Skype is not a native port, I try to use a virtual > >> box running Windows 7. And here the nightmare begins. > >> > >> Skype works in the VBox, but audio only. I have two WebCAMs here, a > >> brand new Logitech C270 and a older Medion MD86511. The latter one can > >> be seen in the device list of Windows 7 within the VBox, but can not be > >> activated. > >> > >> More frustrating, the Logitech C270, doesn't work, it is not even seen > >> by the VBox. I tested the cam on another Windows 7 system of a > >> colleague and it works. FreeBSD does also "see" this USB Cam, but why > >> is the device hidden for the VBox? > > What do you mean by saying "see"? > > usbconfig on freebsd lists it as ugen device? > > Is it attached to vbox machine by some filter? > > Have you tried VBoxManage usbfilter add? > > I'm currently using some kind of software security jingle device this way: > > VBoxManage usbfilter add 1 --target VMachineName --name USBKey > > --vendorid 0x???? --productid 0x???? > > But I haven't used any webcam this way. > > > >> In the configuration, I have the ability to enable/disable USB 2.0 > >> subsystem. Enabled, VBox rejects to start on all FBSD around (9.3-PRE, > >> 11-CURRENT). What is that? Is VBox not capable of using USB 2.0 > >> devices in conjunction with FreeBSD? > >> > >> How to solve this? Is there a Skype 6 client for FreeBSD? > >> > >> Thanks in advance, please CC me, > >> Oliver > > > > Hi, > > Skype: > > Mount this union with /usr/ports: > > https://github.com/cpu82/skype4-ports > > And then you can install skype and even use the video chat. Note: This GH repository is outdated, please, you should install or update your ports tree from the following repository: https://github.com/xmj/linux-ports/ follow the instructions on https://github.com/xmj/linux-ports/ -- wbr, tiger From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 08:03:41 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CED966C6 for ; Thu, 17 Jul 2014 08:03:41 +0000 (UTC) Received: from graal.it-profi.org.ua (graal.shurik.kiev.ua [193.239.74.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8877D2A6E for ; Thu, 17 Jul 2014 08:03:40 +0000 (UTC) Received: from [217.76.201.82] (helo=thinkpad.it-profi.org.ua) by graal.it-profi.org.ua with esmtpa (Exim 4.82 (FreeBSD)) (envelope-from ) id 1X7g4j-000Jix-W9 for freebsd-current@freebsd.org; Thu, 17 Jul 2014 10:25:58 +0300 Message-ID: <53C77A80.90007@shurik.kiev.ua> Date: Thu, 17 Jul 2014 10:25:52 +0300 From: Alexandr Krivulya User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org Subject: Re: USB 2.0 webcam in virtualbox on CURRENT not working! References: <20140716132843.60e861a0@munin.walstatt.dyndns.org> <53C664AD.9030100@dat.pl> <53C6F160.7040000@selasky.org> <20140717083038.22b850cd@laptop.minsk.domain> In-Reply-To: <20140717083038.22b850cd@laptop.minsk.domain> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SA-Exim-Connect-IP: 217.76.201.82 X-SA-Exim-Mail-From: shuriku@shurik.kiev.ua X-SA-Exim-Scanned: No (on graal.it-profi.org.ua); SAEximRunCond expanded to false X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 08:03:41 -0000 17.07.2014 08:30, Sergey V. Dyatko пишет: > On Wed, 16 Jul 2014 23:40:48 +0200 > Hans Petter Selasky wrote: > >> On 07/16/14 13:40, Maciej Milewski wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On 16.07.2014 13:28, O. Hartmann wrote: >>>> I desperately need to have a SKYPE based chat with an offshore >>>> department. Since Skype is not a native port, I try to use a virtual >>>> box running Windows 7. And here the nightmare begins. >>>> >>>> Skype works in the VBox, but audio only. I have two WebCAMs here, a >>>> brand new Logitech C270 and a older Medion MD86511. The latter one can >>>> be seen in the device list of Windows 7 within the VBox, but can not be >>>> activated. >>>> >>>> More frustrating, the Logitech C270, doesn't work, it is not even seen >>>> by the VBox. I tested the cam on another Windows 7 system of a >>>> colleague and it works. FreeBSD does also "see" this USB Cam, but why >>>> is the device hidden for the VBox? >>> What do you mean by saying "see"? >>> usbconfig on freebsd lists it as ugen device? >>> Is it attached to vbox machine by some filter? >>> Have you tried VBoxManage usbfilter add? >>> I'm currently using some kind of software security jingle device this way: >>> VBoxManage usbfilter add 1 --target VMachineName --name USBKey >>> --vendorid 0x???? --productid 0x???? >>> But I haven't used any webcam this way. >>> >>>> In the configuration, I have the ability to enable/disable USB 2.0 >>>> subsystem. Enabled, VBox rejects to start on all FBSD around (9.3-PRE, >>>> 11-CURRENT). What is that? Is VBox not capable of using USB 2.0 >>>> devices in conjunction with FreeBSD? >>>> >>>> How to solve this? Is there a Skype 6 client for FreeBSD? >>>> >>>> Thanks in advance, please CC me, >>>> Oliver >> Hi, >> >> Skype: >> >> Mount this union with /usr/ports: >> >> https://github.com/cpu82/skype4-ports >> >> And then you can install skype and even use the video chat. > Note: This GH repository is outdated, please, you should install or update your > ports tree from the following repository: > > https://github.com/xmj/linux-ports/ > > follow the instructions on https://github.com/xmj/linux-ports/ > Does it planned to be merged into main ports tree? From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 08:26:36 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B364AB44; Thu, 17 Jul 2014 08:26:36 +0000 (UTC) Received: from mail-we0-x22e.google.com (mail-we0-x22e.google.com [IPv6:2a00:1450:400c:c03::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 23F8F2C33; Thu, 17 Jul 2014 08:26:36 +0000 (UTC) Received: by mail-we0-f174.google.com with SMTP id x48so2072928wes.5 for ; Thu, 17 Jul 2014 01:26:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; bh=HuwryQ6JavvjmcnAbdwAMN8nER0L6mc/Oibu3GgH88c=; b=Q4uOQL/aA5jinKv+PX5Ye7HFlpFCmxMjiDVVRP8z1hKDBdAEZ9p8Ms53pC3sOkPOo/ UfnLJxzwlOoVBqbEXOmXm0CmChZ2lOhWcu9VRtpx2hPG8JRpSTU0ZxDcNhpg7ZJ2+unM AhSnFzVlHW6TKltrvg3KOdyf/RXX6MtKa+LpeS8bG2Knc1Us6IPIv9kpbGdlCKhEsWhZ 7sBxxaobT5P++kdcn3PtMhpyrt26R1MBH2BZaSM3XhzFYgU1toQbqcnaGSDSockauwS8 jEdI9tuSKFQdpt+rYZ7AY0bM3pYQ+3fcK71jT5LItlo9my6sGEMZ7jkzG4h67FL2fGse c3bw== X-Received: by 10.194.249.98 with SMTP id yt2mr43665243wjc.66.1405585594241; Thu, 17 Jul 2014 01:26:34 -0700 (PDT) Received: from laptop.minsk.domain (m-s.agava.net. [195.222.84.203]) by mx.google.com with ESMTPSA id k19sm65969113wie.20.2014.07.17.01.26.32 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Thu, 17 Jul 2014 01:26:33 -0700 (PDT) Date: Thu, 17 Jul 2014 11:26:43 +0300 From: "Sergey V. Dyatko" To: freebsd-current@freebsd.org Subject: Re: USB 2.0 webcam in virtualbox on CURRENT not working! Message-ID: <20140717112643.6204f59d@laptop.minsk.domain> In-Reply-To: <53C77A80.90007@shurik.kiev.ua> References: <20140716132843.60e861a0@munin.walstatt.dyndns.org> <53C664AD.9030100@dat.pl> <53C6F160.7040000@selasky.org> <20140717083038.22b850cd@laptop.minsk.domain> <53C77A80.90007@shurik.kiev.ua> X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.22; amd64-portbld-freebsd11.0) MIME-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Cc: xmj@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 08:26:36 -0000 On Thu, 17 Jul 2014 10:25:52 +0300 Alexandr Krivulya wrote: > 17.07.2014 08:30, Sergey V. Dyatko ÐÉÛÅÔ: > > On Wed, 16 Jul 2014 23:40:48 +0200 > > Hans Petter Selasky wrote: > > > >> On 07/16/14 13:40, Maciej Milewski wrote: > >>> -----BEGIN PGP SIGNED MESSAGE----- > >>> Hash: SHA1 > >>> > >>> On 16.07.2014 13:28, O. Hartmann wrote: > >>>> I desperately need to have a SKYPE based chat with an offshore > >>>> department. Since Skype is not a native port, I try to use a virtual > >>>> box running Windows 7. And here the nightmare begins. > >>>> > >>>> Skype works in the VBox, but audio only. I have two WebCAMs here, a > >>>> brand new Logitech C270 and a older Medion MD86511. The latter one can > >>>> be seen in the device list of Windows 7 within the VBox, but can not be > >>>> activated. > >>>> > >>>> More frustrating, the Logitech C270, doesn't work, it is not even seen > >>>> by the VBox. I tested the cam on another Windows 7 system of a > >>>> colleague and it works. FreeBSD does also "see" this USB Cam, but why > >>>> is the device hidden for the VBox? > >>> What do you mean by saying "see"? > >>> usbconfig on freebsd lists it as ugen device? > >>> Is it attached to vbox machine by some filter? > >>> Have you tried VBoxManage usbfilter add? > >>> I'm currently using some kind of software security jingle device this way: > >>> VBoxManage usbfilter add 1 --target VMachineName --name USBKey > >>> --vendorid 0x???? --productid 0x???? > >>> But I haven't used any webcam this way. > >>> > >>>> In the configuration, I have the ability to enable/disable USB 2.0 > >>>> subsystem. Enabled, VBox rejects to start on all FBSD around (9.3-PRE, > >>>> 11-CURRENT). What is that? Is VBox not capable of using USB 2.0 > >>>> devices in conjunction with FreeBSD? > >>>> > >>>> How to solve this? Is there a Skype 6 client for FreeBSD? > >>>> > >>>> Thanks in advance, please CC me, > >>>> Oliver > >> Hi, > >> > >> Skype: > >> > >> Mount this union with /usr/ports: > >> > >> https://github.com/cpu82/skype4-ports > >> > >> And then you can install skype and even use the video chat. > > Note: This GH repository is outdated, please, you should install or update > > your ports tree from the following repository: > > > > https://github.com/xmj/linux-ports/ > > > > follow the instructions on https://github.com/xmj/linux-ports/ > > > Does it planned to be merged into main ports tree? > better ask author (xmj), CCd :-) -- wbr, tiger From owner-freebsd-current@FreeBSD.ORG Wed Jul 16 23:12:18 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D438E35C; Wed, 16 Jul 2014 23:12:18 +0000 (UTC) Received: from silver.jkkn.net (jkkn.dk [IPv6:2001:16d8:dd04:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 44C242E93; Wed, 16 Jul 2014 23:12:17 +0000 (UTC) Received: from [IPv6:2001:16d8:dd04:0:2905:35f9:4a63:c75a] (lenovo.home6.jkkn.net [IPv6:2001:16d8:dd04:0:2905:35f9:4a63:c75a]) (authenticated bits=0) by silver.jkkn.net (envelope-from freebsd@com.jkkn.dk) (8.14.9/8.14.9) with ESMTP id s6GNCDER003191 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 17 Jul 2014 01:12:14 +0200 (CEST) (envelope-from freebsd@com.jkkn.dk) DKIM-Filter: OpenDKIM Filter v2.8.3 silver.jkkn.net s6GNCDER003191 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=com.jkkn.dk; s=jkkn-dkim; t=1405552334; bh=FOQ7HOH4yhUwtO3o/kOtjMm3N6eSS77M3FQPf4hNwXQ=; h=Date:From:To:Subject; b=DaYo7wXbHKVyZkjiIpuO8fEb3epNtBIXuICNjTk7AlVH+I3fECCXGCIgRsGxPOslg qiZi5VpjPImRft54U1x2Nm6XTbmSqCWNLUzxS6VaUzKd0Cgr8tTweZ2rVRkY2cgTS7 7UlEqrP0kp0ByD93EIdIm9Tl65Mb3Pd1IgcTn41Y= Message-ID: <53C706C9.6090506@com.jkkn.dk> Date: Thu, 17 Jul 2014 01:12:09 +0200 From: "Kristian K. Nielsen" User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org, freebsd-questions@freebsd.org Subject: Future of pf / firewall in FreeBSD ? - does it have one ? X-Virus-Scanned: clamav-milter 0.98.4 at silver.jkkn.net X-Virus-Status: Clean X-Mailman-Approved-At: Thu, 17 Jul 2014 11:24:50 +0000 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 23:12:18 -0000 Hi all, I have been encouraged by people on the pf-mailinglist to move this discussion to the current mailinglist since this may be an area in the OS where FreeBSD need to focus on next. First of all I am a happy user of the pf-firewall module and have been for years and think it is really great - the trouble is that lately (since 2008) its getting a bit dusty. The last few years it seem that pf in FreeBSD got a long way away from pf in OpenBSD where it originated - also looking at the ipfilter (ipf) and ipfw - they both to me do not seem to be as complete as pf. So I am curious if any on the mailing could elaborate about what the future of pf in FreeBSD is or should be. a) First of all - are any actively developing pf in FreeBSD? b) We are a major release away from OpenBSD (5.6 coming soon) - is following OpenBSD's pf the past? - should it be? c) We never got the new syntax from OpenBSD 4.7's pf - at the time a long discussion on the pf-mailing list flamed the new syntax saying it would cause FreeBSD administrators too much headache. Today on the list it seems everyone wants it - so would we rather stay on a dead branch than keep up with the main stream? d) Anyone working on bringing FreeBSD up to pf 5.6? - seem dead on the pf-list. e) OpenBSD is retiring ALTQ entirely - any thoughts on that? http://undeadly.org/cgi?action=article&sid=20140419151959 f) IPv6 support?- it seem to be more and more challenged in the current version of pf in FreeBSD and I am (as well as others) introducing more and more IPv6 in networks. E.x. Bugs #179392, #172648, #130381, #127920 and more seriously #124933, which is the bug on not handling IPv6 fragments which have been open since 2008 and where the workaround is necessity to leave an completely open hole in your firewall ruleset to allow all fragments. According to comment in the bug, this have been long gone in OpenBSD. g) Performance, can we live with pf-performance that compared to OpenBSD is slower by a factor of 3 or 4, even after the multi-core support in FreeBSD 10? (Henning Brauer noted that in this talk at http://tech.yandex.ru/events/yagosti/ruBSD/talks/1488/ (at 33:18 and 36:53)) - credit/Jim Thompson h) Bringing back patches from pfSense? And my most important question: * Should this or could this be a project for the foundation to either do a summer project or funded project to bring this part of the OS up to date? Hope to heard from you all, Best regards, Kristian Kræmmer Nielsen, Odense, Denmark From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 15:45:33 2014 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C11458F9; Thu, 17 Jul 2014 15:45:33 +0000 (UTC) Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 36FB723CC; Thu, 17 Jul 2014 15:45:33 +0000 (UTC) Received: by mail-we0-f173.google.com with SMTP id q58so3399358wes.4 for ; Thu, 17 Jul 2014 08:45:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=6LmG3rTHaBSoMk93ffyAaidW7Jc/LoXXVmRh4VUX9u4=; b=a28PCZYaPow4kicRV0dJ6ffKWnP+dqE1/OnwQ1mhw8dGPz+RHhK3N6lzYCHnaHaSq4 Jl5+igPlT4lPnoLTYazccGq3vQN2Q01c0+3pyJstvnLSvddZarVzfpjUC1mUPe25ptYW T54MQaAe2s+tRCcxAf6ax0qodnXfERgP7Aty3gUa6BzQGF9cYITwZXV6NVHcr9HH5gqS KOJdmhFUoPJ3jeSz6JA9aSvV3Pia8RnIr2fMDesG2HgAvjLah5LYhjRDxYRx++HRtnld DzjB+K0BPuXvLdkrGeIGDsBKlUxXsaozhaYgK0qOOYpj29/qBbjWC8/CP+szAniXTyxW FIxg== X-Received: by 10.180.24.97 with SMTP id t1mr23564487wif.45.1405611929767; Thu, 17 Jul 2014 08:45:29 -0700 (PDT) Received: from [192.168.2.30] ([2.176.167.69]) by mx.google.com with ESMTPSA id eh10sm22332778wic.0.2014.07.17.08.45.27 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 17 Jul 2014 08:45:28 -0700 (PDT) Message-ID: <53C7EFA3.3070100@gmail.com> Date: Thu, 17 Jul 2014 20:15:39 +0430 From: Hooman Fazaeli User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130215 Thunderbird/17.0.3 MIME-Version: 1.0 To: Konstantin Belousov Subject: Re: PostgreSQL performance on FreeBSD References: <20140627125613.GT93733@kib.kiev.ua> <20140716132938.GB93733@kib.kiev.ua> In-Reply-To: <20140716132938.GB93733@kib.kiev.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Thu, 17 Jul 2014 16:11:11 +0000 Cc: performance@freebsd.org, current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 15:45:33 -0000 On 7/16/2014 5:59 PM, Konstantin Belousov wrote: > On Fri, Jun 27, 2014 at 03:56:13PM +0300, Konstantin Belousov wrote: >> Hi, >> I did some measurements and hacks to see about the performance and >> scalability of PostgreSQL 9.3 on FreeBSD, sponsored by The FreeBSD >> Foundation. >> >> The results are described in https://kib.kiev.ua/kib/pgsql_perf.pdf. >> The uncommitted patches, referenced in the article, are available as >> https://kib.kiev.ua/kib/pig1.patch.txt >> https://kib.kiev.ua/kib/patch-2 > A followup to the original paper. > > Most importantly, I identified the cause for the drop on the graph > after the 30 clients, which appeared to be the debugging version > of malloc(3) in libc. > > Also there are some updates on the patches. > > New version of the paper is available at > https://www.kib.kiev.ua/kib/pgsql_perf_v2.0.pdf > The changes are marked as 'update for version 2.0'. Thanks for the great work! Did you tested the effect of hyper-threading (on or off) on the results? -- Best regards. Hooman Fazaeli From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 18:25:05 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5055AC1E; Thu, 17 Jul 2014 18:25:05 +0000 (UTC) Received: from mail-la0-x232.google.com (mail-la0-x232.google.com [IPv6:2a00:1450:4010:c03::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 627D0226A; Thu, 17 Jul 2014 18:25:04 +0000 (UTC) Received: by mail-la0-f50.google.com with SMTP id gf5so1899079lab.23 for ; Thu, 17 Jul 2014 11:25:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=b7F1I7bkQa+bMlShLg9t8BNx4K6cgs+F9CpDmBUwmnE=; b=UB98jSTsERwqND5U4XpaGLw+b/F0GHWGx7S0DPn+UWzTIMnMFYrAXalr7GMvy+psYi gdfs6DE69lJuJTnuTEhzymkrGBjEchlyuJJQjwiSGfw6215Bg29iSfDsIwY/zz/rZC1c +/ZZr8IsZUnNYyzSB+YVRmky1YUAkJBYPz8UXAbtFrSVL5KwhtHEuUg6V1X728VoMyo1 0FLAdGeJMGTGIGLpRtAKQLrsn8TKS1Y8kmV2vhLAAI8SfFFihNIwiV7gnTv35zJY4OjU Cqbntv6uS3UUBwmmZsR/1AwlwCGsrE3m1xQuFlwYv5moP+km2rD9OhA1Bjqp0EYpM6l5 DeeQ== MIME-Version: 1.0 X-Received: by 10.152.120.195 with SMTP id le3mr34997500lab.16.1405621501652; Thu, 17 Jul 2014 11:25:01 -0700 (PDT) Sender: crodr001@gmail.com Received: by 10.112.225.34 with HTTP; Thu, 17 Jul 2014 11:25:01 -0700 (PDT) Date: Thu, 17 Jul 2014 11:25:01 -0700 X-Google-Sender-Auth: 5d_fWbEAgYsaSbPyp0rYCKtCivM Message-ID: Subject: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Craig Rodrigues To: freebsd-current Current , ports , freebsd-doc@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 18:25:05 -0000 Hi, I attend a lot of different Meetup groups in the San Francisco Bay Area / Silicon Valley. What I am seeing is the following usage pattern for new developers, especially for web apps and cloud applications. (1) On their desktop/laptop, they will generally be using a Mac running OS X. This is their desktop Unix environment. This seems to be true of almost 90% of the people that I meet. The 10% of people who run a PC laptop, will mostly be running Windows. Very few seem to run Linux on their laptops, but if they do, it will likely be Ubuntu Linux. (2) For their deployed application, generally they will deploy to a Linux environment on a server. These days, the server will very likely be in a cloud environment: Amazon, Rackspace, Heroku. For (1), encouraging people to move away from a Mac to FreeBSD for their desktop environment is a tough sell. Apple is a multi-billion dollar company, and they make beautiful hardware, and software with a fantastic end-user experience. The PC-BSD project is fighting the good fight in terms of making a usable FreeBSD desktop, but its a touch battle to fight. For (2), encouraging people to move away from Linux to FreeBSD on the server, may be something where we can get more wins. I think we can do this by having more HOWTO articles on the FreeBSD web page that explain the following: (1) We need a HOWTO article that explains for each command using apt or yum for installing packages, how can I do the same thing using "pkg". Even if we have a web page with a table, contrasting the apt/yum commands, and pkg commands, that would be super useful. A lot of folks have moved away from FreeBSD, purely because they are sick of pkg_add. We need to explain to folks that we have something better, that is quite competitive to apt/yum, and it is easy to use. (2) We need a HOWTO article that explains how to set up a FreeBSD environment with some of the major cloud providers, i.e. Amazon, Rackspace, Microsoft Azure, etc. Do we have such articles today, or is anybody working on something like that? I think if we had these two HOWTO articles today, and we could aggressively point people at them, this would be a huge win for expanding the number of people who try out FreeBSD for modern server applications. -- Craig From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 19:28:46 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 11B6A100; Thu, 17 Jul 2014 19:28:46 +0000 (UTC) Received: from mail-qg0-x22e.google.com (mail-qg0-x22e.google.com [IPv6:2607:f8b0:400d:c04::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 949B42879; Thu, 17 Jul 2014 19:28:45 +0000 (UTC) Received: by mail-qg0-f46.google.com with SMTP id z60so2383163qgd.5 for ; Thu, 17 Jul 2014 12:28:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=ocyCOsEaFigPCywwzkQ877hgLIOa82R0/5MrwkAzFNw=; b=HrUuQCct4e+3UprH7z3FXGR3LkTbKfKKagXxNOxmYEojK6NOYENMGEyqx00u+mwr1J KYwh2WrP/6Us3IuBC6dRh0377DMr0iPOOOXcW9ZOqybjKgkhR4opfDefqz4hNa/LnVP3 hdgX6rmARQm/NS27CvFa8uYDgy0iSiUdd2CGa+ZRMCWbmOb7QFTgdglXor8ijXlKBmmW u/q8/5FS692LTvgzXtfB7g2RvrIFjOvun5haFaN3HuhwHxK0pmiiqm1TG0RlI0nhKId7 LDHhqBCUquTuKh7Ttfv0LTpiGQFJ07nLqJsBPrsQdCNs+xxuQ9Ucvme0sx9UlCeri0Ht gqmQ== MIME-Version: 1.0 X-Received: by 10.140.39.164 with SMTP id v33mr58292088qgv.99.1405625324793; Thu, 17 Jul 2014 12:28:44 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 17 Jul 2014 12:28:44 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 12:28:44 -0700 X-Google-Sender-Auth: rgFI6mYI7eBvut1-JrVwefLnHwI Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Craig Rodrigues Content-Type: text/plain; charset=UTF-8 Cc: freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 19:28:46 -0000 Hi! 3) The binary packages need to work out of the box 4) .. which means, when you do things like pkg install apache, it can't just be installed and not be enabled, because that's a bit of a problem; 5) .. and then we need examples of actually deploying useful scenarios, like "so here's what you type to get django working right", "here's how you get a default memcached that works well", "here's how you bring up node.js", etc. 6) Then make VMs of the above so people can just clone and install them. -a On 17 July 2014 11:25, Craig Rodrigues wrote: > Hi, > > I attend a lot of different Meetup groups in the San Francisco Bay Area / > Silicon Valley. > > What I am seeing is the following usage pattern for new developers, > especially for web apps and cloud applications. > > (1) On their desktop/laptop, they will generally be using > a Mac running OS X. This is their desktop Unix environment. > This seems to be true of almost 90% of the people that I meet. > The 10% of people who run a PC laptop, will mostly be running > Windows. Very few seem to run Linux on their laptops, but > if they do, it will likely be Ubuntu Linux. > > (2) For their deployed application, generally they will deploy to > a Linux environment on a server. These days, the server will > very likely be in a cloud environment: Amazon, Rackspace, > Heroku. > > > For (1), encouraging people to move away from a Mac to FreeBSD for their > desktop environment is a tough sell. Apple is a multi-billion dollar > company, and they make beautiful hardware, and software with > a fantastic end-user experience. The PC-BSD project is fighting the > good fight in terms of making a usable FreeBSD desktop, but its > a touch battle to fight. > > For (2), encouraging people to move away from Linux to FreeBSD > on the server, may be something where we can get more wins. > I think we can do this by having more HOWTO articles on > the FreeBSD web page that explain the following: > > > (1) We need a HOWTO article that explains for each command using apt > or yum for installing packages, > how can I do the same thing using "pkg". > Even if we have a web page with a table, contrasting the > apt/yum commands, and pkg commands, that would be super > useful. > > A lot of folks have moved away from FreeBSD, purely because > they are sick of pkg_add. We need to explain to folks that > we have something better, that is quite competitive to > apt/yum, and it is easy to use. > > (2) We need a HOWTO article that explains how to set up > a FreeBSD environment with some of the major cloud providers, > i.e. Amazon, Rackspace, Microsoft Azure, etc. > > > Do we have such articles today, or is anybody working on something > like that? > > I think if we had these two HOWTO articles today, and we could > aggressively point people at them, this would be a huge win > for expanding the number of people who try out FreeBSD > for modern server applications. > > -- > Craig > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 19:57:45 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C5872820; Thu, 17 Jul 2014 19:57:45 +0000 (UTC) Received: from mail-oi0-x22f.google.com (mail-oi0-x22f.google.com [IPv6:2607:f8b0:4003:c06::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5A92A2B0C; Thu, 17 Jul 2014 19:57:45 +0000 (UTC) Received: by mail-oi0-f47.google.com with SMTP id x69so1496556oia.6 for ; Thu, 17 Jul 2014 12:57:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=8e5+ULRoBwW1ywy/HaTv/uz1Qqio8RWOluD55D+LXDw=; b=qRJr9GlMqJszusa7w3M9YNdhGwsgiQ3qx+ZGzY5rqgg5Y2IZc/8nVZzhVqsLYDB4Uw OpvQLi4lj8LAFGPRUlztCdgx3CcyoTGo6lppOdZueSUuFsv0DH9lRAQ8BsphWOb7udTW nmepN/xHDD7zxw7pW0/yfqGnflNT5vtz1fYq66NXl3lQa1EZ2tWaZiP7yNbti0OyBMZk UZNwgUGyjQfjqWAMoRd4BYGpGmfOnkMfjsDaGTY6kmcdQ7ceppB9r7UXVNDjmIFshCWM W/UtV6CyouYbZW4qRxsazv9Ck4mdgfjnZnm8BbhRrgldnYV9IL+mmJ+5U4AztmpFidcw q29Q== MIME-Version: 1.0 X-Received: by 10.60.73.129 with SMTP id l1mr49404718oev.2.1405627064514; Thu, 17 Jul 2014 12:57:44 -0700 (PDT) Received: by 10.76.170.39 with HTTP; Thu, 17 Jul 2014 12:57:44 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 21:57:44 +0200 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Andreas Nilsson To: Adrian Chadd Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 19:57:46 -0000 On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd wrote: > Hi! > > 3) The binary packages need to work out of the box > 4) .. which means, when you do things like pkg install apache, it > can't just be installed and not be enabled, because that's a bit of a > problem; > I disagree on this. For network services on linux ( apart from ssh ), I want that started very seldom. But I do want the package installed so that when I need it, it is there. Having it autostart as part of being installed is breaking KISS and in some way unix philosophy: I asked for something to be installed, not installed and autostarted. > 5) .. and then we need examples of actually deploying useful > scenarios, like "so here's what you type to get django working right", > "here's how you get a default memcached that works well", "here's how > you bring up node.js", etc. > Oh yes. I think that quite a few packages have default options that make them unsuitable for out-of-box usage, ie some lack the sane default dbi-stuff and so on. > 6) Then make VMs of the above so people can just clone and install them. > At least zfs-datasets ready to be run as jails would be really good too. > /A > > > -a > > > > On 17 July 2014 11:25, Craig Rodrigues wrote: > > Hi, > > > > I attend a lot of different Meetup groups in the San Francisco Bay Area / > > Silicon Valley. > > > > What I am seeing is the following usage pattern for new developers, > > especially for web apps and cloud applications. > > > > (1) On their desktop/laptop, they will generally be using > > a Mac running OS X. This is their desktop Unix environment. > > This seems to be true of almost 90% of the people that I meet. > > The 10% of people who run a PC laptop, will mostly be running > > Windows. Very few seem to run Linux on their laptops, but > > if they do, it will likely be Ubuntu Linux. > > > > (2) For their deployed application, generally they will deploy to > > a Linux environment on a server. These days, the server will > > very likely be in a cloud environment: Amazon, Rackspace, > > Heroku. > > > > > > For (1), encouraging people to move away from a Mac to FreeBSD for their > > desktop environment is a tough sell. Apple is a multi-billion dollar > > company, and they make beautiful hardware, and software with > > a fantastic end-user experience. The PC-BSD project is fighting the > > good fight in terms of making a usable FreeBSD desktop, but its > > a touch battle to fight. > > > > For (2), encouraging people to move away from Linux to FreeBSD > > on the server, may be something where we can get more wins. > > I think we can do this by having more HOWTO articles on > > the FreeBSD web page that explain the following: > > > > > > (1) We need a HOWTO article that explains for each command using apt > > or yum for installing packages, > > how can I do the same thing using "pkg". > > Even if we have a web page with a table, contrasting the > > apt/yum commands, and pkg commands, that would be super > > useful. > > > > A lot of folks have moved away from FreeBSD, purely because > > they are sick of pkg_add. We need to explain to folks that > > we have something better, that is quite competitive to > > apt/yum, and it is easy to use. > > > > (2) We need a HOWTO article that explains how to set up > > a FreeBSD environment with some of the major cloud providers, > > i.e. Amazon, Rackspace, Microsoft Azure, etc. > > > > > > Do we have such articles today, or is anybody working on something > > like that? > > > > I think if we had these two HOWTO articles today, and we could > > aggressively point people at them, this would be a huge win > > for expanding the number of people who try out FreeBSD > > for modern server applications. > > > > -- > > Craig > > _______________________________________________ > > freebsd-current@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-current > > To unsubscribe, send any mail to " > freebsd-current-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" > From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:00:05 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 10BE5A28; Thu, 17 Jul 2014 20:00:05 +0000 (UTC) Received: from mail-qc0-x22a.google.com (mail-qc0-x22a.google.com [IPv6:2607:f8b0:400d:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 918782B34; Thu, 17 Jul 2014 20:00:04 +0000 (UTC) Received: by mail-qc0-f170.google.com with SMTP id c9so2609474qcz.29 for ; Thu, 17 Jul 2014 13:00:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=TxPCPMrlWy2/HkGZgXnJUPOGG19RJ+IQbQ82hbtshJs=; b=fHcD4YKqcPTspcXnm/wOnDtkU1m6k3qU+3VCI9J1m5GwFwY5Wu9oirnyngSQBUNAZM g0hOG3K/00fUzHDRo+m/NZaszNDlJkFtwnzlGX5S1ySUHFQs1lXZOp/jN+nfkOKOjLtE ogWMXcIJa90SwMAmbi/Z8USV3VCGyihkgnWKNu9PZx4CSoDYRnZZsNwPn83OEAhd6Han uKl55owzKrK0+mV4g9zh/D3D6xrYgGdvNYpHDVZzn+rZPFJFVyAJhsrH4wA9OiuhO8G5 4x8XNrYG7WXjf+xCaCiGqPgZKvVQ2Of3JCOGtGWSMSICCBarj1kl7gM+oOLEh1/Sexdj pOpg== MIME-Version: 1.0 X-Received: by 10.224.223.135 with SMTP id ik7mr33894930qab.26.1405627203701; Thu, 17 Jul 2014 13:00:03 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 17 Jul 2014 13:00:03 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 13:00:03 -0700 X-Google-Sender-Auth: 6n1OnJWyg3T1sJ_yvKQymHuRu10 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Andreas Nilsson Content-Type: text/plain; charset=UTF-8 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:00:05 -0000 On 17 July 2014 12:57, Andreas Nilsson wrote: > > > > On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd wrote: >> >> Hi! >> >> 3) The binary packages need to work out of the box >> 4) .. which means, when you do things like pkg install apache, it >> can't just be installed and not be enabled, because that's a bit of a >> problem; > > I disagree on this. For network services on linux ( apart from ssh ), I want > that started very seldom. But I do want the package installed so that when I > need it, it is there. Having it autostart as part of being installed is > breaking KISS and in some way unix philosophy: I asked for something to be > installed, not installed and autostarted. That's cool. We can disagree on that. But the fact that you have to edit a file to enable things and hope you get the right start entry in /etc/rc.conf or /usr/local/etc/rc.conf, or wherever you put it is, is a pain. -a From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:12:27 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2121F177; Thu, 17 Jul 2014 20:12:27 +0000 (UTC) Received: from mail-qc0-x22a.google.com (mail-qc0-x22a.google.com [IPv6:2607:f8b0:400d:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A11462CE7; Thu, 17 Jul 2014 20:12:26 +0000 (UTC) Received: by mail-qc0-f170.google.com with SMTP id c9so2586982qcz.15 for ; Thu, 17 Jul 2014 13:12:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=4YW5UwcGE+4gpAfeudZeUFCaoGRIhKEJG4mAm7OoZN8=; b=aNB0ot+66X1s1kixIY0G02Ud8Newtad9oQEprfuKA6MtIaYBso/Z7Lo+O7bkHlfITH d8dGiJJhd9zIPOZGXa7TFqDuuhusBq9XIUauvLIxLEAsAvSEcmpOZPtkhIeQQ/34ufxp YnKc2u+27ikAZA0e5/ZcRRDy+g6SW/8epSaapVMVizzFjjaqS2yo3o1b5VIlYqDcpi36 aEcenxP7OU1D1u3PPfajhfz9Oh6U2WTsyKjS7JTH+11qnrh09lqwuChQJ1VcclNTzYqR Q2NfkFGb2I0TG9aslSzInNwSpQSSxEnZaMfpfVfb6zDU/t65Yu96YjxVE9Gt2IFw/vW9 Awyg== MIME-Version: 1.0 X-Received: by 10.140.38.169 with SMTP id t38mr21789200qgt.3.1405627945854; Thu, 17 Jul 2014 13:12:25 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 17 Jul 2014 13:12:25 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 13:12:25 -0700 X-Google-Sender-Auth: vEApQ5mI5iTp16NlZVYWuH4c8nk Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Alberto Mijares Content-Type: text/plain; charset=UTF-8 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:12:27 -0000 On 17 July 2014 13:03, Alberto Mijares wrote: > On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: >> Hi! >> >> 3) The binary packages need to work out of the box >> 4) .. which means, when you do things like pkg install apache, it >> can't just be installed and not be enabled, because that's a bit of a >> problem; > > > No. Please NEVER do that! The user must be able to edit the files and > start the service by himself. Cool, so what's the single line command needed to type in to start a given package service? -a From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:03:55 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BDCD1CDA; Thu, 17 Jul 2014 20:03:55 +0000 (UTC) Received: from mail-vc0-x233.google.com (mail-vc0-x233.google.com [IPv6:2607:f8b0:400c:c03::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 034FE2BDA; Thu, 17 Jul 2014 20:03:54 +0000 (UTC) Received: by mail-vc0-f179.google.com with SMTP id hq11so4107277vcb.24 for ; Thu, 17 Jul 2014 13:03:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Xmdkwr7Lu90rheknHJPdP3i3eISUEIGsgqK/jua/Mzc=; b=JY3ewdcv6rwenvBCPT0Hs2NbJd/H2gkzTy+tXHzq75NVbNQPjt2WI5PIkkISwNH8J5 K1azd07qE1XlOzqMFKkyfMRMaD15SnGUOLdg9p9WrnrY5077rCmvZ5bsmQ4ISwbFalxN JzAb/FhzDigDORRsX06P4xDM984xExcl4jknjcRnBoUqRYgA3GVnaVQ0hwB/VO4vwwVL 7OXO8Hi8ZmSKGECFfYFxnDxNBUwuObFFet0s00bvPve2ROpPtkyzjyAhT4PIL3+pWK5w 2YWY3VgBhiARDzjEIA6roZB3tegQSQaGB/goIBLvgRu8HmoNGwGq1rODEdQ3X/64hP4D T0Qw== MIME-Version: 1.0 X-Received: by 10.220.251.80 with SMTP id mr16mr6939694vcb.11.1405627434076; Thu, 17 Jul 2014 13:03:54 -0700 (PDT) Received: by 10.58.113.99 with HTTP; Thu, 17 Jul 2014 13:03:54 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 15:33:54 -0430 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Alberto Mijares To: Adrian Chadd Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Thu, 17 Jul 2014 20:13:48 +0000 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:03:56 -0000 On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: > Hi! > > 3) The binary packages need to work out of the box > 4) .. which means, when you do things like pkg install apache, it > can't just be installed and not be enabled, because that's a bit of a > problem; No. Please NEVER do that! The user must be able to edit the files and start the service by himself. Regards, Alberto Mijares From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:15:03 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 89E3252F; Thu, 17 Jul 2014 20:15:03 +0000 (UTC) Received: from mail-pd0-x22d.google.com (mail-pd0-x22d.google.com [IPv6:2607:f8b0:400e:c02::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3C4452D13; Thu, 17 Jul 2014 20:15:03 +0000 (UTC) Received: by mail-pd0-f173.google.com with SMTP id w10so3727142pde.18 for ; Thu, 17 Jul 2014 13:15:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=cy5QbFuKpfxK938/x69T2Hk+edHEOTmAPwHCgBY03PU=; b=Fpniq2R7FGz/2PRCNoUPcAe4SAtdZwi5raZzKTUskSQ/Y+n+jzaQ6V9+AmYMV4i5Xo d8o4zkurHN+blvxo0oQspzZnfk9mcCnTP3a3vMSO5W+EzYjhbxQJ3/d/3PHbMCNiNc4b zDQX+IVmhjS9TUiaRGeWUbyIJMMayMNFZa9CTPiWYBeFY6hzcHlY+Ef/iGM7libUXfE5 uLvKRTRrnLlSspeXv/RmPvDBubOZMK1FI/yaJAqmOv2e0Wrpb8m1A0K12Fz4lSvOmuN0 ID3G977ioFMhP/2JyvKX48lyZkH0UW78/mgUldhoPe94zyGEO65dAFRReib9KfMtGDPA JkMA== X-Received: by 10.66.219.42 with SMTP id pl10mr23018492pac.22.1405628102859; Thu, 17 Jul 2014 13:15:02 -0700 (PDT) Received: from [10.192.166.0] (stargate.chelsio.com. [67.207.112.58]) by mx.google.com with ESMTPSA id x15sm3369298pbt.52.2014.07.17.13.15.01 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 17 Jul 2014 13:15:02 -0700 (PDT) Message-ID: <53C82EC4.8060304@gmail.com> Date: Thu, 17 Jul 2014 13:15:00 -0700 From: Navdeep Parhar User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Adrian Chadd , Alberto Mijares Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:15:03 -0000 On 07/17/14 13:12, Adrian Chadd wrote: > On 17 July 2014 13:03, Alberto Mijares wrote: >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: >>> Hi! >>> >>> 3) The binary packages need to work out of the box >>> 4) .. which means, when you do things like pkg install apache, it >>> can't just be installed and not be enabled, because that's a bit of a >>> problem; >> >> >> No. Please NEVER do that! The user must be able to edit the files and >> start the service by himself. > > Cool, so what's the single line command needed to type in to start a > given package service? Aren't sysrc(8) and service(8) for this kind of stuff? From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:21:19 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32F5076B; Thu, 17 Jul 2014 20:21:19 +0000 (UTC) Received: from mail-oa0-x22b.google.com (mail-oa0-x22b.google.com [IPv6:2607:f8b0:4003:c02::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BBF712DC9; Thu, 17 Jul 2014 20:21:18 +0000 (UTC) Received: by mail-oa0-f43.google.com with SMTP id i7so1520420oag.16 for ; Thu, 17 Jul 2014 13:21:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=W3kOZEud/pQOo9XH929ZZQ8U7OHPPEG/3oRKJdyUCSI=; b=N7yk+FYAjCXSeDFdAvs02qt9hUEaIm4j47HWqjVkNz5LmwSBnDceynv3rMclxONXNZ 0WyHQNZvibkP4rxOdNC+kOXk9mUNRR5Yr6UZv3eiKqrm//HNXEVojgGt1+JjIIgsKTwo FkNxFx68rYMRaGEUtus3P4GH818WZR/5USM1NXpMwz3/X65kwtddr6ZvHPamBsEHT290 s73m++llTuvptKsCXS+V+gTrctZ3LaP8yKZGBzYtllaIY5ic3w4SC07K4kYbE+XMQ3K9 7T8Z2bpJH3TOnbfSXWSX9qCP7nLZA7LPS27TYN1QgDcW0OT/jfRsmaoQRn0e6RosHdti Ma0A== MIME-Version: 1.0 X-Received: by 10.60.73.129 with SMTP id l1mr49621129oev.2.1405628477962; Thu, 17 Jul 2014 13:21:17 -0700 (PDT) Received: by 10.76.170.39 with HTTP; Thu, 17 Jul 2014 13:21:17 -0700 (PDT) In-Reply-To: <53C82EC4.8060304@gmail.com> References: <53C82EC4.8060304@gmail.com> Date: Thu, 17 Jul 2014 22:21:17 +0200 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Andreas Nilsson To: Navdeep Parhar Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Craig Rodrigues , Adrian Chadd , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:21:19 -0000 On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrote: > On 07/17/14 13:12, Adrian Chadd wrote: > > On 17 July 2014 13:03, Alberto Mijares wrote: > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > wrote: > >>> Hi! > >>> > >>> 3) The binary packages need to work out of the box > >>> 4) .. which means, when you do things like pkg install apache, it > >>> can't just be installed and not be enabled, because that's a bit of a > >>> problem; > >> > >> > >> No. Please NEVER do that! The user must be able to edit the files and > >> start the service by himself. > > > > Cool, so what's the single line command needed to type in to start a > > given package service? > > Aren't sysrc(8) and service(8) for this kind of stuff? > They sure are. Well, pkg install $service ; sysrc ${service}_enable="YES" would do. Although some services have different names than the packge, which is sort of annoying. I wouldn't mind though if pkg via dialog or some such mechanism asked if wanted it enabled. Or via pkg-message told me howto enable it. /A From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:21:34 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2108D973; Thu, 17 Jul 2014 20:21:34 +0000 (UTC) Received: from mail-qa0-x22c.google.com (mail-qa0-x22c.google.com [IPv6:2607:f8b0:400d:c00::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9FE812DD5; Thu, 17 Jul 2014 20:21:33 +0000 (UTC) Received: by mail-qa0-f44.google.com with SMTP id f12so2233889qad.17 for ; Thu, 17 Jul 2014 13:21:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=r9MxJRe+w5k4nbig5gXIXyAQdSSpjcl/HyI6vbtw9as=; b=Vm408MGT+I2nj1bLXs1iVTp6OliQwu9JqJPSiEi/d5ymvM8yH8dwVkpXA4NFBsdud9 dxWhpML20vl1SP22eIUNuUbaD2eXKKwcMKuLkG11EchzroNps48OVlad3jU/qqvIF//1 6NmzfnHUXRqoHQNRYpb2GXnZcSsDYLBWMWpJJv9Wz30SLm9Mm4UycGrhvIK8jfVLNvdw vOII+QDs/RXR8OXq6JVb8QMW2rDpv98w2nBhkBsADdNfto0o23ZA2YHUD4etRCEaMnrH U2/bRBU8juqPTEb0q5BQT00Sv/1Se1iL6hxKFep73saWBCqENZtOQaWNJvRPIFbotppT g9Qw== MIME-Version: 1.0 X-Received: by 10.224.71.198 with SMTP id i6mr61134411qaj.76.1405628492558; Thu, 17 Jul 2014 13:21:32 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 17 Jul 2014 13:21:32 -0700 (PDT) In-Reply-To: <53C82EC4.8060304@gmail.com> References: <53C82EC4.8060304@gmail.com> Date: Thu, 17 Jul 2014 13:21:32 -0700 X-Google-Sender-Auth: xJpkbt1q5MPuhPAjOjlOCMoX2kM Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Navdeep Parhar Content-Type: text/plain; charset=UTF-8 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports , Alberto Mijares X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:21:34 -0000 On 17 July 2014 13:15, Navdeep Parhar wrote: > On 07/17/14 13:12, Adrian Chadd wrote: >> On 17 July 2014 13:03, Alberto Mijares wrote: >>> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: >>>> Hi! >>>> >>>> 3) The binary packages need to work out of the box >>>> 4) .. which means, when you do things like pkg install apache, it >>>> can't just be installed and not be enabled, because that's a bit of a >>>> problem; >>> >>> >>> No. Please NEVER do that! The user must be able to edit the files and >>> start the service by himself. >> >> Cool, so what's the single line command needed to type in to start a >> given package service? > > Aren't sysrc(8) and service(8) for this kind of stuff? Yup, and if the default is going to be off, then you want the instructions to be "type this in", not "edit this file." There's odd things too, like "oh look I installed xorg, but then I can't run it without enabling hald/dbus, then starting it.. oh wait, no mouse, so I have to reboot for them to come up right" kind of crap. That's the kind of thing that turns people away. -a From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:14:55 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 82001465; Thu, 17 Jul 2014 20:14:55 +0000 (UTC) Received: from mail-vc0-x236.google.com (mail-vc0-x236.google.com [IPv6:2607:f8b0:400c:c03::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EC6982D10; Thu, 17 Jul 2014 20:14:54 +0000 (UTC) Received: by mail-vc0-f182.google.com with SMTP id hy4so5762863vcb.13 for ; Thu, 17 Jul 2014 13:14:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=jjseox9Zo55oCPGhd93/xRcuin7F54Gz8ThlowCpbzk=; b=ikE6hgLN3rZzviUSSETFml2sLmQkEsauzHYgjJiGw3p4drywwNqGs+VXBmSKF41elF whlah2pNNNZKCRz2knak7139smRbYT4fjIfhoF1R7YmNxn6OvRVpMo+y6TVPISyleD3q lT6MSZGyoDYNe6KyloRsm420fl2Qj5mHAyk38qocXOs6n4eiKYQUiOa2b8pYffnhQ0iy h7qXo7vU2oya572KL+AzSIdZkE6Y97Bl2QMps41ApTxVl+08NbuHORGYML6kltzwdAm+ +b2ar2onqkUuMnbxGKNahGt+korD3QYJIR6B3Usv+C7qzWIlWkyIQozPUAYt4ZMKk3AT FI/w== MIME-Version: 1.0 X-Received: by 10.52.101.168 with SMTP id fh8mr24250485vdb.34.1405628093804; Thu, 17 Jul 2014 13:14:53 -0700 (PDT) Received: by 10.58.113.99 with HTTP; Thu, 17 Jul 2014 13:14:53 -0700 (PDT) In-Reply-To: References: Date: Thu, 17 Jul 2014 15:44:53 -0430 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Alberto Mijares To: Adrian Chadd Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Thu, 17 Jul 2014 20:29:17 +0000 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:14:55 -0000 On Thu, Jul 17, 2014 at 3:42 PM, Adrian Chadd wrote: > On 17 July 2014 13:03, Alberto Mijares wrote: >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: >>> Hi! >>> >>> 3) The binary packages need to work out of the box >>> 4) .. which means, when you do things like pkg install apache, it >>> can't just be installed and not be enabled, because that's a bit of a >>> problem; >> >> >> No. Please NEVER do that! The user must be able to edit the files and >> start the service by himself. > > Cool, so what's the single line command needed to type in to start a > given package service? > # service appname onestart For the rest, read the manual and understand your OS. From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:29:25 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4C2DFF2; Thu, 17 Jul 2014 20:29:25 +0000 (UTC) Received: from mail-oa0-x235.google.com (mail-oa0-x235.google.com [IPv6:2607:f8b0:4003:c02::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 385BE2E4B; Thu, 17 Jul 2014 20:29:25 +0000 (UTC) Received: by mail-oa0-f53.google.com with SMTP id j17so1556008oag.12 for ; Thu, 17 Jul 2014 13:29:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=huaQwQk//HApjjPyc6lkljeOaVC7bFYbIr/r37KbOks=; b=eZlHsi0beu98xdwBPj8IvBxq/zt+WLOVckcxZAgLIHo2BTALHVeB0W4zbUKgtioPBE XHhhpNqceBMjSW4jrYuwxIY5WU3pOflfxPcU4QDRbqGXHf3EfuoAJviQD9LFxI1Qs1qw 68baB7ICMiHo2UgzNLyf2f286URS6m5e6LMAUwKbfkC2PdzBX9yvvsWP1U9QI295U7vR RRRWojKUS/ijyxOLz1gQcelZoH4+fbIQk2mbohm4C+n9XEWvP0sTREpjFPcWpps8IAzc FVVJAvyq+73ay78rCEo5pOxOB0gcVhOUoJw9wKx4zKBIfl8saf+NtxsRx38dE/fff8r3 XlhQ== MIME-Version: 1.0 X-Received: by 10.60.47.12 with SMTP id z12mr8158755oem.71.1405628963624; Thu, 17 Jul 2014 13:29:23 -0700 (PDT) Received: by 10.76.170.39 with HTTP; Thu, 17 Jul 2014 13:29:23 -0700 (PDT) In-Reply-To: References: <53C82EC4.8060304@gmail.com> Date: Thu, 17 Jul 2014 22:29:23 +0200 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Andreas Nilsson To: Adrian Chadd Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Craig Rodrigues , Navdeep Parhar , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:29:25 -0000 On Thu, Jul 17, 2014 at 10:21 PM, Adrian Chadd wrote: > On 17 July 2014 13:15, Navdeep Parhar wrote: > > On 07/17/14 13:12, Adrian Chadd wrote: > >> On 17 July 2014 13:03, Alberto Mijares wrote: > >>> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > wrote: > >>>> Hi! > >>>> > >>>> 3) The binary packages need to work out of the box > >>>> 4) .. which means, when you do things like pkg install apache, it > >>>> can't just be installed and not be enabled, because that's a bit of a > >>>> problem; > >>> > >>> > >>> No. Please NEVER do that! The user must be able to edit the files and > >>> start the service by himself. > >> > >> Cool, so what's the single line command needed to type in to start a > >> given package service? > > > > Aren't sysrc(8) and service(8) for this kind of stuff? > > Yup, and if the default is going to be off, then you want the > instructions to be "type this in", not "edit this file." > > There's odd things too, like "oh look I installed xorg, but then I > can't run it without enabling hald/dbus, then starting it.. oh wait, > no mouse, so I have to reboot for them to come up right" kind of crap. > > That's the kind of thing that turns people away. > > But this is more of a desktop/laptop setup, right? If services had an option ( the ones provided via ports anyway) for autostart, and package sets for different use cases was provided, like server and desktop say, there could for desktop be the default to have the option set for autostart and for server the option would be to not autostart. /A From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:54:52 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 01CC3551; Thu, 17 Jul 2014 20:54:52 +0000 (UTC) Received: from mail-wi0-x236.google.com (mail-wi0-x236.google.com [IPv6:2a00:1450:400c:c05::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E6248208D; Thu, 17 Jul 2014 20:54:50 +0000 (UTC) Received: by mail-wi0-f182.google.com with SMTP id d1so3484172wiv.9 for ; Thu, 17 Jul 2014 13:54:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=2ZIWeSeWji9V69u9J6zNIz4POmZCqG+UI7TjdfESOl8=; b=Y9x3MXhO4fvUWqj1IWH+MVKRa2RSlmlrleHeZrBADWc3MQxxx5sKO5OadP4qUMk9ID ugZMiSW0ir4ymauB9ssvODDatQVMzq6WmchYPg76omy/6O0TFDTYlojnvaCzoIHO85Z4 42M5vwppqe9W+TAj+Rh1mMWs0fGy+ASNnIoU0ivJFeGlHMfpgJliKGcO3eDt3Zuvs9XT uqQzEL9/M44gNxAPL64lzOYtAyHGX9vHRh2GbevlOdms2F1jc4M8RGnFW67bhus/bX0a E8pMFqeuoaqEPyZ8SQTbayEARJizIhtsPhqsjDUknZlHM0KhiUBZpcv+11uULpMWfrSL zdPw== X-Received: by 10.181.13.44 with SMTP id ev12mr26284322wid.57.1405630488617; Thu, 17 Jul 2014 13:54:48 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id q11sm24901985wib.14.2014.07.17.13.54.47 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 17 Jul 2014 13:54:47 -0700 (PDT) Sender: Baptiste Daroussin Date: Thu, 17 Jul 2014 22:54:45 +0200 From: Baptiste Daroussin To: Andreas Nilsson Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140717205445.GC28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="UPT3ojh+0CqEDtpF" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Adrian Chadd , ports , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:54:52 -0000 --UPT3ojh+0CqEDtpF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrot= e: >=20 > > On 07/17/14 13:12, Adrian Chadd wrote: > > > On 17 July 2014 13:03, Alberto Mijares wrote: > > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > > wrote: > > >>> Hi! > > >>> > > >>> 3) The binary packages need to work out of the box > > >>> 4) .. which means, when you do things like pkg install apache, it > > >>> can't just be installed and not be enabled, because that's a bit of= a > > >>> problem; > > >> > > >> > > >> No. Please NEVER do that! The user must be able to edit the files and > > >> start the service by himself. > > > > > > Cool, so what's the single line command needed to type in to start a > > > given package service? > > > > Aren't sysrc(8) and service(8) for this kind of stuff? > > >=20 > They sure are. >=20 > Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would do. > Although some services have different names than the packge, which is sort > of annoying. Maybe service needs to be extended (seriously sysrc ${service}_enable=3D"YE= S" is not user friendly) we have service -l that list the services, maybe a servi= ce ${service} on that create /etc/rc.conf.d/${service} with ${service}_enable= =3D"YES" in it and service ${service} off to remove it maybe service -l could also be extended to show the current status (maybe w= ith a -v switch) but for sure having the service off by default is a good idea :) regards, Bapt --UPT3ojh+0CqEDtpF Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPIOBUACgkQ8kTtMUmk6EybGACfXb3srUWCWCIGIzgVeXxxoq65 OCsAoMAUbudwOFR5eiLnU+W+sz/Gd5Sh =/hSI -----END PGP SIGNATURE----- --UPT3ojh+0CqEDtpF-- From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:56:17 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1A97D7F7; Thu, 17 Jul 2014 20:56:17 +0000 (UTC) Received: from mail-we0-x231.google.com (mail-we0-x231.google.com [IPv6:2a00:1450:400c:c03::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0AD2520A9; Thu, 17 Jul 2014 20:56:15 +0000 (UTC) Received: by mail-we0-f177.google.com with SMTP id w62so3685230wes.22 for ; Thu, 17 Jul 2014 13:56:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=9K3hT73XcHHusGoOuLvq9Sci35NCYXZ4EFucKDA11Hw=; b=fFQreMy64YZUrxM4+xd8KPd3SbwaTOj6zB9NX1EAbBMwAcPx4sUPKw2k7Gy1037Bsz LjteZEKLK0hGDi/QyVSlmUBdomNWSC2CpE3iByNBe4BZXnvh21L49bk6iwmr0l5hwfEm GytYF5J8bzE1ADn36uFNMV1vbNUNPJ4Yc9Xo4gdK4VjfdNjbXXaG4814JtnCKW7luFip VHqr/82DM652VHzcimjz3kkWVc86oR6JQk6XqUIg2bRR1Uj73G1AdaGwGJVfE8xF6psJ vb2a0rekDwdduXfLMEyiYn6wJ7KF176v/kG8necv1/YnOcf5VVgFdUxbLlXeEkXfe+fN PzKA== X-Received: by 10.194.219.70 with SMTP id pm6mr48087854wjc.53.1405630574351; Thu, 17 Jul 2014 13:56:14 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id go4sm8755321wjc.39.2014.07.17.13.56.12 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 17 Jul 2014 13:56:13 -0700 (PDT) Sender: Baptiste Daroussin Date: Thu, 17 Jul 2014 22:56:11 +0200 From: Baptiste Daroussin To: Adrian Chadd Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140717205611.GD28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="TybLhxa8M7aNoW+V" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Navdeep Parhar , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:56:17 -0000 --TybLhxa8M7aNoW+V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 01:21:32PM -0700, Adrian Chadd wrote: > On 17 July 2014 13:15, Navdeep Parhar wrote: > > On 07/17/14 13:12, Adrian Chadd wrote: > >> On 17 July 2014 13:03, Alberto Mijares wrote: > >>> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wr= ote: > >>>> Hi! > >>>> > >>>> 3) The binary packages need to work out of the box > >>>> 4) .. which means, when you do things like pkg install apache, it > >>>> can't just be installed and not be enabled, because that's a bit of a > >>>> problem; > >>> > >>> > >>> No. Please NEVER do that! The user must be able to edit the files and > >>> start the service by himself. > >> > >> Cool, so what's the single line command needed to type in to start a > >> given package service? > > > > Aren't sysrc(8) and service(8) for this kind of stuff? >=20 > Yup, and if the default is going to be off, then you want the > instructions to be "type this in", not "edit this file." >=20 > There's odd things too, like "oh look I installed xorg, but then I > can't run it without enabling hald/dbus, then starting it.. oh wait, > no mouse, so I have to reboot for them to come up right" kind of crap. >=20 yes that is why xorg needs to have devd instead of hal support by default :) regards, Bapt --TybLhxa8M7aNoW+V Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPIOGsACgkQ8kTtMUmk6Ez4cACfYIpNaHaY4mrDyleryWRlWXhE fjAAnjmHqQUmgaViMFZfq2Cwo6U99+MX =5T8S -----END PGP SIGNATURE----- --TybLhxa8M7aNoW+V-- From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:57:54 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 303359DA; Thu, 17 Jul 2014 20:57:54 +0000 (UTC) Received: from mail-qg0-x233.google.com (mail-qg0-x233.google.com [IPv6:2607:f8b0:400d:c04::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9A6E320C9; Thu, 17 Jul 2014 20:57:53 +0000 (UTC) Received: by mail-qg0-f51.google.com with SMTP id a108so2493825qge.10 for ; Thu, 17 Jul 2014 13:57:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=j8qQPvBAZm8h52Q2Jog21x/rIFiLQ8v/JdTwr8kqoug=; b=F1Ve7SmAaDqsU2JxoSqD00mk+hPRCd2XCNQGAC9AaIgHpJEFWjTV0yIH8t6jzAJcZ0 W3lWl4qpSjM2M8BtVn5famQMblkwEnf6einfhLRcSIJRYE+Df6ex5EuLH7K11HM/qEEc g2YZLeSncTcIgvVyy1ZNwLjCQgny9ge5aLxSCj6VbgYnx3/UVSUyst+Z1NOU7qfvrsx7 scsCYu5MySPel9W1MCzkVmap/3dZ8fU9wmWKxSSQ7RSLMswofeL0By3IF3FSy1mNnBPi S/ZbDN9phkdLJ33QznsLfe2qovxO/yQ5PIjZavR+VMg4VunsvxEPu+GEK3Bj9OL5cBeA 5V3w== MIME-Version: 1.0 X-Received: by 10.140.39.164 with SMTP id v33mr59086553qgv.99.1405630672667; Thu, 17 Jul 2014 13:57:52 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 17 Jul 2014 13:57:52 -0700 (PDT) In-Reply-To: <20140717205445.GC28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> <20140717205445.GC28314@ivaldir.etoilebsd.net> Date: Thu, 17 Jul 2014 13:57:52 -0700 X-Google-Sender-Auth: tFGoe2H9NjRJIzv4nFRer8J7XMY Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Baptiste Daroussin Content-Type: text/plain; charset=UTF-8 Cc: Craig Rodrigues , ports , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:57:54 -0000 On 17 July 2014 13:54, Baptiste Daroussin wrote: > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrote: >> >> > On 07/17/14 13:12, Adrian Chadd wrote: >> > > On 17 July 2014 13:03, Alberto Mijares wrote: >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd >> > wrote: >> > >>> Hi! >> > >>> >> > >>> 3) The binary packages need to work out of the box >> > >>> 4) .. which means, when you do things like pkg install apache, it >> > >>> can't just be installed and not be enabled, because that's a bit of a >> > >>> problem; >> > >> >> > >> >> > >> No. Please NEVER do that! The user must be able to edit the files and >> > >> start the service by himself. >> > > >> > > Cool, so what's the single line command needed to type in to start a >> > > given package service? >> > >> > Aren't sysrc(8) and service(8) for this kind of stuff? >> > >> >> They sure are. >> >> Well, pkg install $service ; sysrc ${service}_enable="YES" would do. >> Although some services have different names than the packge, which is sort >> of annoying. > > Maybe service needs to be extended (seriously sysrc ${service}_enable="YES" is > not user friendly) we have service -l that list the services, maybe a service > ${service} on that create /etc/rc.conf.d/${service} with ${service}_enable="YES" > in it and service ${service} off to remove it > > maybe service -l could also be extended to show the current status (maybe with a > -v switch) > > but for sure having the service off by default is a good idea :) Yeah, maybe having it populate an entry of service_enable="NO" for now . It's even more unclear-ish - it's not obvious which options control services and which ones are configuration things. We don't call it service__enable, right? -a From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 20:55:35 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 17748721 for ; Thu, 17 Jul 2014 20:55:35 +0000 (UTC) Received: from mail1.canodus2.canodus.be (mail1.canodus2.canodus.be [83.149.89.9]) by mx1.freebsd.org (Postfix) with ESMTP id C960F20A0 for ; Thu, 17 Jul 2014 20:55:34 +0000 (UTC) Received: by mail1.canodus2.canodus.be (Postfix, from userid 65534) id 8155032AD09; Thu, 17 Jul 2014 22:46:11 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mail1.canodus2.canodus.be X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from [192.168.1.131] (94-224-50-199.access.telenet.be [94.224.50.199]) by mail1.canodus2.canodus.be (Postfix) with ESMTPSA id 38B1932AC39; Thu, 17 Jul 2014 22:46:11 +0200 (CEST) Message-ID: <1405629960.2468.14.camel@debian.wout-t440s> Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Wout =?ISO-8859-1?Q?Decr=E9?= To: Adrian Chadd Date: Thu, 17 Jul 2014 22:46:00 +0200 In-Reply-To: References: <53C82EC4.8060304@gmail.com> Organization: Canodus Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.12.2-1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Thu, 17 Jul 2014 20:58:43 +0000 Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 20:55:35 -0000 On Thu, 2014-07-17 at 13:21 -0700, Adrian Chadd wrote: > On 17 July 2014 13:15, Navdeep Parhar wrote: > > On 07/17/14 13:12, Adrian Chadd wrote: > >> On 17 July 2014 13:03, Alberto Mijares wrote: > >>> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: > >>>> Hi! > >>>> > >>>> 3) The binary packages need to work out of the box > >>>> 4) .. which means, when you do things like pkg install apache, it > >>>> can't just be installed and not be enabled, because that's a bit of a > >>>> problem; > >>> > >>> > >>> No. Please NEVER do that! The user must be able to edit the files and > >>> start the service by himself. > >> > >> Cool, so what's the single line command needed to type in to start a > >> given package service? > > > > Aren't sysrc(8) and service(8) for this kind of stuff? > > Yup, and if the default is going to be off, then you want the > instructions to be "type this in", not "edit this file." > > There's odd things too, like "oh look I installed xorg, but then I > can't run it without enabling hald/dbus, then starting it.. oh wait, > no mouse, so I have to reboot for them to come up right" kind of crap. > > That's the kind of thing that turns people away. > I see your point, and agree that there should be clear instructions after installing a port/package. Most ports I install already do a good job at this. But I would not like anything to autostart just because I install it. Prefer to enable rather than disable something, or worse, having it autostart without knowing. That's the kind of thing that turned me to FreeBSD :-) > > > -a > _______________________________________________ > freebsd-doc@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-doc > To unsubscribe, send any mail to "freebsd-doc-unsubscribe@freebsd.org" From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 21:07:45 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3BEC0E16; Thu, 17 Jul 2014 21:07:45 +0000 (UTC) Received: from mail-we0-x231.google.com (mail-we0-x231.google.com [IPv6:2a00:1450:400c:c03::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2E39821A6; Thu, 17 Jul 2014 21:07:43 +0000 (UTC) Received: by mail-we0-f177.google.com with SMTP id w62so3634674wes.8 for ; Thu, 17 Jul 2014 14:07:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=3zws4rD1JOMBcK02uNV3HsYaEBYKaIhOVHGucI3CDcA=; b=zzuWFbWBmJUoYnH2TF/ZcVYxgoD3/pABq1/+M/ra1mXtYaQpFQqnnD5+OGCJTOHQI3 ZQ4kJeGY30xcNm6OLYw3UAEL+oNlxjDiigsNNTn37jGh1XiJfuF+adyLWaYp53N1sIec f+J9ckfUGD9RZ5BqGBeP5Y9NuvyPTs0jm+shqEGiH2T87BzzRhlHFX3ECeFChg7hG7ci IDyAykXics0TJb978cxO1+4hQa1R42bFl7weQRfUuwDr4xqWPLJvasRVWJXoJxTKmnEp EgzjFpxtxeXtXDb+nJ4aIAYx3sH1qJfK8FPyis1oxcsiE3h6kPdKe6/izsNbbd3HnkQp 1nqA== X-Received: by 10.180.20.15 with SMTP id j15mr26122859wie.60.1405631262448; Thu, 17 Jul 2014 14:07:42 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id o9sm72458028wib.22.2014.07.17.14.07.40 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 17 Jul 2014 14:07:41 -0700 (PDT) Sender: Baptiste Daroussin Date: Thu, 17 Jul 2014 23:07:39 +0200 From: Baptiste Daroussin To: Adrian Chadd Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140717210738.GE28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> <20140717205445.GC28314@ivaldir.etoilebsd.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="idY8LE8SD6/8DnRI" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , ports , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 21:07:45 -0000 --idY8LE8SD6/8DnRI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 01:57:52PM -0700, Adrian Chadd wrote: > On 17 July 2014 13:54, Baptiste Daroussin wrote: > > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar w= rote: > >> > >> > On 07/17/14 13:12, Adrian Chadd wrote: > >> > > On 17 July 2014 13:03, Alberto Mijares wrote: > >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > >> > wrote: > >> > >>> Hi! > >> > >>> > >> > >>> 3) The binary packages need to work out of the box > >> > >>> 4) .. which means, when you do things like pkg install apache, it > >> > >>> can't just be installed and not be enabled, because that's a bit= of a > >> > >>> problem; > >> > >> > >> > >> > >> > >> No. Please NEVER do that! The user must be able to edit the files= and > >> > >> start the service by himself. > >> > > > >> > > Cool, so what's the single line command needed to type in to start= a > >> > > given package service? > >> > > >> > Aren't sysrc(8) and service(8) for this kind of stuff? > >> > > >> > >> They sure are. > >> > >> Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would do. > >> Although some services have different names than the packge, which is = sort > >> of annoying. > > > > Maybe service needs to be extended (seriously sysrc ${service}_enable= =3D"YES" is > > not user friendly) we have service -l that list the services, maybe a s= ervice > > ${service} on that create /etc/rc.conf.d/${service} with ${service}_ena= ble=3D"YES" > > in it and service ${service} off to remove it > > > > maybe service -l could also be extended to show the current status (may= be with a > > -v switch) > > > > but for sure having the service off by default is a good idea :) >=20 > Yeah, maybe having it populate an entry of service_enable=3D"NO" for now . then you need to extend rcng to support /usr/local/etc/rc.conf.d so the pac= kages can install them without touching base :) and we will need to wait for all supported FreeBSD version to have the said modification) >=20 > It's even more unclear-ish - it's not obvious which options control > services and which ones are configuration things. We don't call it > service__enable, right? >=20 imho this is obvious _enable =3D=3D control service. regards, Bapt --idY8LE8SD6/8DnRI Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPIOxoACgkQ8kTtMUmk6EwhrACdE6ef7NyfN2uu1O6NBfpmE9Q7 z6UAnj/osU0iqaiBfJE2KME+Jk50zw7t =Di1K -----END PGP SIGNATURE----- --idY8LE8SD6/8DnRI-- From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 21:13:20 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A2B45BD; Thu, 17 Jul 2014 21:13:20 +0000 (UTC) Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 99564223F; Thu, 17 Jul 2014 21:13:19 +0000 (UTC) Received: by mail-wg0-f46.google.com with SMTP id m15so2540443wgh.17 for ; Thu, 17 Jul 2014 14:13:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=dN26qToEZOOiPYkJdKXiOhQWiFXuk6UUK7VK2MINUoM=; b=0hr4Q+4cLzGglSF7oaBep/P3iXPtUzPloEl/YzsHP8xzHO+XOf4abNEgcV06NwMRre NNYLbcexkM6D4hse95PFhrdAUDVaWO0UmJLvOjRCQ+pcepxtgRA0nI88pA1tiXmo3NDd 1wALFxdGcr8E2OjJJZHnFbZUw3vwzhpcCTZHzElkNZ29BNTpNSqx15kzDbIFmg5cOD2X ocTZ3E1eC66KXvMSjzQgTA78ZHxnHGreXeWVYE5M3Ng7gMCN7NbTo2qMHMLak//Jjr2u az+tDcVkMGg2fXY4oFAgiq1rXU2Kg8sQ455yB7TQYlQp6JQp4KeVhuKqkNp1sL6/UpGH Q/Jw== X-Received: by 10.181.13.112 with SMTP id ex16mr25444517wid.58.1405631597746; Thu, 17 Jul 2014 14:13:17 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id di7sm8861163wjb.34.2014.07.17.14.13.16 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 17 Jul 2014 14:13:16 -0700 (PDT) Sender: Baptiste Daroussin Date: Thu, 17 Jul 2014 23:13:14 +0200 From: Baptiste Daroussin To: Andreas Nilsson Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140717211314.GG28314@ivaldir.etoilebsd.net> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="m972NQjnE83KvVa/" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Adrian Chadd , freebsd-current Current , freebsd-doc@freebsd.org, ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 21:13:20 -0000 --m972NQjnE83KvVa/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 09:57:44PM +0200, Andreas Nilsson wrote: > On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd wrote: >=20 > > Hi! > > > > 3) The binary packages need to work out of the box > > 4) .. which means, when you do things like pkg install apache, it > > can't just be installed and not be enabled, because that's a bit of a > > problem; > > > I disagree on this. For network services on linux ( apart from ssh ), I > want that started very seldom. But I do want the package installed so that > when I need it, it is there. Having it autostart as part of being install= ed > is breaking KISS and in some way unix philosophy: I asked for something to > be installed, not installed and autostarted. >=20 > > 5) .. and then we need examples of actually deploying useful > > scenarios, like "so here's what you type to get django working right", > > "here's how you get a default memcached that works well", "here's how > > you bring up node.js", etc. > > > Oh yes. I think that quite a few packages have default options that make > them unsuitable for out-of-box usage, ie some lack the sane default > dbi-stuff and so on. >=20 Reporting them is very much needed, we try to change this but without repor= t it is hard, as much as I can I use vanilla packages now, and I discovered that= they are now pretty much sane, a few example has been found and modified recently like nginx not supporting https by default, so do not hesitate to report any unsuitable options for out-of-box usage. regards, Bapt --m972NQjnE83KvVa/ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPIPGoACgkQ8kTtMUmk6EwnGwCghpAb7hNsedG1Vq3nKxIpXsFn ausAn1PcYrU9sQrXC2LUnJM47PUA8tU+ =E4Du -----END PGP SIGNATURE----- --m972NQjnE83KvVa/-- From owner-freebsd-current@FreeBSD.ORG Thu Jul 17 22:23:10 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09CBFF7C; Thu, 17 Jul 2014 22:23:10 +0000 (UTC) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 88D2727FC; Thu, 17 Jul 2014 22:23:09 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost.zedat.fu-berlin.de (Exim 4.82) with esmtp (envelope-from ) id <1X7u4q-000nl4-Ah>; Fri, 18 Jul 2014 00:23:00 +0200 Received: from g229111184.adsl.alicedsl.de ([92.229.111.184] helo=thor.walstatt.dynvpn.de) by inpost2.zedat.fu-berlin.de (Exim 4.82) with esmtpsa (envelope-from ) id <1X7u4q-003can-5d>; Fri, 18 Jul 2014 00:23:00 +0200 Date: Fri, 18 Jul 2014 00:22:52 +0200 From: "O. Hartmann" To: Willem Jan Withagen Subject: Re: [CURRENT]: weird memory/linker problem? Message-ID: <20140718002252.09f55fc1.ohartman@zedat.fu-berlin.de> In-Reply-To: <53B2D262.2040502@digiware.nl> References: <20140622165639.17a1ba1e.ohartman@zedat.fu-berlin.de> <20140623163115.03bdd675.ohartman@zedat.fu-berlin.de> <20140701150755.548ed6b9.ohartman@zedat.fu-berlin.de> <53B2D262.2040502@digiware.nl> Organization: FU Berlin X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.22; amd64-portbld-freebsd11.0) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/j9Oi4X442YBhPfD4RtIhknH"; protocol="application/pgp-signature" X-Originating-IP: 92.229.111.184 X-ZEDAT-Hint: A Cc: "Rang, Anton" , Adrian Chadd , FreeBSD CURRENT , Dimitry Andric X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2014 22:23:10 -0000 --Sig_/j9Oi4X442YBhPfD4RtIhknH Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Am Tue, 01 Jul 2014 17:23:14 +0200 Willem Jan Withagen schrieb: > On 2014-07-01 16:48, Rang, Anton wrote: > > DOT =3D> DOD > > > > 444F54 =3D> 444F44 > > > > That's a single-bit flip. Bad memory, perhaps? >=20 > Very likely, especially if the system does not have ECC.... > It just happens on rare occasions that a alpha particle, power cycle, or= =20 > any things else disruptive damages a memory cell. And it could be that=20 > it requires a special pattern of accesses to actually exhibit the error. >=20 > In the past (199x's) 'make buildworld' used to be a rather good memory=20 > tester. But nowadays look at > http://www.memtest.org/ >=20 > This tool has found all of the bad memory in all the systems I used and=20 > or build for others... > Note that it might take a few runs and some more heat to actually=20 > trigger the faulty cell, but memtest86 will usually find it. >=20 > Note that on big systems with lots of memory it can take a loooooong=20 > time to run just one full testset to completion. >=20 > --WjW >=20 >=20 > > > > Anton > > > > -----Original Message----- > > From: owner-freebsd-current@freebsd.org [mailto:owner-freebsd-current@f= reebsd.org] On > > Behalf Of O. Hartmann Sent: Tuesday, July 01, 2014 8:08 AM > > To: Dimitry Andric > > Cc: Adrian Chadd; FreeBSD CURRENT > > Subject: Re: [CURRENT]: weird memory/linker problem? > > > > Am Mon, 23 Jun 2014 17:22:25 +0200 > > Dimitry Andric schrieb: > > > >> On 23 Jun 2014, at 16:31, O. Hartmann wr= ote: > >>> Am Sun, 22 Jun 2014 10:10:04 -0700 > >>> Adrian Chadd schrieb: > >>>> When they segfault, where do they segfault? > >> ... > >>> GIMP, LaTeX work, nothing special, but a bit memory consuming > >>> regrading GIMP) I tried updating the ports tree and surprisingly the > >>> tree is left over in a unclean condition while /usr/bin/svn segfault > >>> (on console: pid 18013 (svn), uid 0: exited on signal 11 (core dumped= )). > >>> > >>> Using /usr/local/bin/svn, which is from the devel/subversion port, > >>> performs well, while FreeBSD 11's svn contribution dies as described.= It did not > >>> hours ago! > >> > >> I think what Adrian meant was: can you run svn (or another crashing > >> program) in gdb, and post a backtrace? Or maybe run ktrace, and see > >> where it dies? > >> > >> Alternatively, put a core dump and the executable (with debug info) in > >> a tarball, and upload it somewhere, so somebody else can analyze it. > >> > >> -Dimitry > >> > > > > It's me again, with the same weird story. > > > > After a couple of days silence, the mysterious entity in my computer is= back. This > > time it is again a weird compiler message of failure (trying to buildwo= rld): > > > > [...] > > c++ -O2 -pipe -O3 -O3 > > c++ -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include > > -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/tools/clang/i= nclude > > -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support -= I. > > -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/cla= ng/include > > -DLLVM_ON_UNIX -DLLVM_ON_FREEBSD -D__STDC_LIMIT_MACROS -D__STDC_CONSTAN= T_MACROS > > -fno-strict-aliasing -DLLVM_DEFAULT_TARGET_TRIPLE=3D\"x86_64-unknown-fr= eebsd11.0\" > > -DLLVM_HOST_TRIPLE=3D\"x86_64-unknown-freebsd11.0\" -DDEFAULT_SYSROOT= =3D\"\" > > -Qunused-arguments -I/usr/obj/usr/src/tmp/legacy/usr/include -std=3Dc++= 11 > > -fno-exceptions -fno-rtti -Wno-c++11-extensions > > -c /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/= Host.cpp -o > > Host.o --- GraphWriter.o --- In file included > > from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Suppor= t/GraphWriter.cpp:14: /usr/src/lib/clang/libllvmsupport/../../../contrib/ll= vm/include/llvm/Support/GraphWriter.h:269:10: > > error: use of undeclared identifier 'DOD'; did you mean 'DOT'? O << > > DOD::EscapeString(Label); ^~~ > > DOT /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llv= m/Support/GraphWriter.h:35:11: > > note: 'DOT' declared here namespace DOT { // Private functions... ^ 1 = error > > generated. *** [GraphWriter.o] Error code 1 > > > > > > Well, in the past I saw many of those messages, especially not found la= bels of > > routines in shared objects/libraries or even those "funny" misspelled m= essages shown > > above. > > > > I can not reproduce them after a reboot, but as long as the system is r= unning with > > this error occured, it is sticky. So in order to compile the OS success= fully, I > > reboot. > > > > Does anyone have an idea what this could be? Since it affects at the mo= ment only one > > machine (the other CoreDuo has been retired in the meanwhile), it feels= a bit like a > > miscompilation on a certain type of CPU. > > > > Thanks for your patience, > > > > Oliver Hello all. Well, I'd like to update some informations. It doesn't relief the special c= oncern, but might be a kind of replenishment of experience. The box in question is now with only 4GB - and is oprable as expected. With= 8 GB, I see those reported weird bugs and they revealed themselfes as indeed bit flips.= I can not reproduce them, the occur spontanously, but I can raise the frequency by pe= rmutating the RAM sticks. So far. As reported, the memtest86+ test doesn't show anything = even after three days(!) of testing! The bos was built 2009 as a development system with 4GB RAM. That time, the= developer ordered special and expensive overclocker RAM, Ballistix, from Crucial. Usu= ally, I purchase JEDEC conform RAM - I have some allergic reaction to this stupid o= verclocking and "planned destruction with fun" of silica by overdriving it. Especially = when it concerns equipment we have to rely on. The box has then been upgraded with = further 4GB RAM (two sticks) of the same type and brand, consuming 2+ volts (as far as = I know). Last summer, after 4 years of problem less operation, suddenly I had to fig= ht with spontanous crashes and blamed FBSD CURRENT, but very quickly the memory was= revealed as to be the culprit. The funny thing was: the box "roasted" literally the upp= er 4 GB bank and they got that hot, you might have burned your fingers seriously when to= uched (I did!). The end of that game was, after a cascade of tests, swapping RAM sti= cks, that those sticks in the upper slots (B1 and B2) where destroyed! After I exchan= ged the RAM completely to JEDEC conform 8 GB, the system ran perfectly, until this summ= er again. When in end of May the temperatures went beyon 20 degree Celsius in my lab, the = bos started having the issues with this bit flips. I guess that there is a temperature triggered problem with the voltage regu= lation or something killing slowly the RAM modules/sticks. This is only a guess. As I= reported, the chipset itself reports 81 - 85 degree C (in BIOS and with healthd). This hi= gh temperature occured suddenly last year and I first thought that could be a mismeasureme= nt. After testing VBox and occupying all available memory without any obvious e= rror or crash, I tried compiling the OS and it seems that the notable load LLVM/CLANG rpod= uces building parallelised world/kernel triggers also this bit flip which results very fa= st in strange errors as reported earlier in this thread. The ultimate failure arose when = I tried to install a Windows 7 on a free harddrive with 8 GB: the install process died= with a file corruption or not-copied file. I didn't dare to try the FreeBSD installatio= n since I know from the past that even FreeBSD's copying also triggers very fast hardware = issues if any available (overheating and sibblings). With 4 GB only everything works as e= xpected, but 4 GB is a pain in the ass with ZFS and 11.0-CURRENT alone, not to mention the= pain when doing some memory intensive calculations/simulations or even VBox. At the end, there is a mixed conclusion. I realise that I can not trust the= expertise of memtest86+. There is no suitable "burn-in" test for FreeBSD consuming, stre= ssing, tortouring memory and bus systems as well as all cores of the CPU starting = with Core2Duo CPUs, since cpuburn/burncpu of the ports do not utilise AVX/SIMD or other "= hot" facilities of modern Intel-like CPUs or stressing the integrated memory controller in = a "brutal" way. Prime95 is only available for i386 - and that is a pity on amd64 and >= 4GB RAM. At the end, there is no reason to purchase again a Workstation-grade mainbo= ard, as advertised by ASUS, for instance, with this overclocking crap. I leave behi= nd a very bitter taste - for my personal view. Since the memory problems I realised d= o not reveal themselfes as "steady-state" problems, permanently, I fear data corruption = not indicated by any protection - so for the future, ECC is some kind of a must. And this= means, even for "low end" workstations, byebye cheap crappy Intel toy CPUs! At least a = XEON type, ECC capable processor is a prerequisite and I wish AMD had not followed the= cheap man's path ripping the ECC facilities off their consumer CPUs. It is a matter of = fact that even in the academic environment "cheap" ECCless systems are purchased for "cost effectiveness".=20 At the end, I personally wish for some massive tortouring tools like cpubur= n or something more sophisticated to stress the CPU to its limit - to test the reliability= , the cooling facilities and the energy support (power supply flaky under heavy load, etc= .?). FreeBSD's port do not have even the simplest Prime95 in a 64bit version as it is avai= lable for Linux or Windows. I'm sure, some professionals are capable of pulling toget= her some massive stresstest tools, but please could this be made available for the n= ot so professionals and more "common" users? Maybe a naive Christmas wish? I need to replace the system since I can not rely on that flaky box anymore= , even when using encrypted devices. That is, after a painful time and hopes, the final= conclusion. Regards and thanks for the patience reading this far, Oliver --Sig_/j9Oi4X442YBhPfD4RtIhknH Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJTyEzDAAoJEOgBcD7A/5N8GcgH/1ULRP8IMJR+8fH8CJkYhArW +CmCH9WFp7IMisKKcjqzWsOjPz1rE5ubg6AA+aFP7yvyTW3IrWxF0YzpMVFiV3+6 BhO77RIxYcuVye+F+Hf5W5QcRdBdGjiZe0nGdTdF1SvEvjh5F6KChMkhWJkHJDZP zYYWmne/HAQxUIxRnc9PDOcdMANbqVCYOero9VhkexbzHuBsNIDELjsDuHUOZE7z 6opVrkznB5MVpawcaidxYVJeFO1odukA4UYxXHjfwtPgpL25dT8W04QsCPI+hShr wPFzciWw3hDJos3XTKKTtH9dX0OOPQwJViHVM/S1duGXZzEE8ReHHuQLO3qowAc= =nksm -----END PGP SIGNATURE----- --Sig_/j9Oi4X442YBhPfD4RtIhknH-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 05:54:26 2014 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 45B482C9; Fri, 18 Jul 2014 05:54:26 +0000 (UTC) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F34B52A55; Fri, 18 Jul 2014 05:54:25 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost.zedat.fu-berlin.de (Exim 4.82) with esmtp (envelope-from ) id <1X817e-001nT0-RT>; Fri, 18 Jul 2014 07:54:22 +0200 Received: from e179168030.adsl.alicedsl.de ([85.179.168.30] helo=thor.walstatt.dynvpn.de) by inpost2.zedat.fu-berlin.de (Exim 4.82) with esmtpsa (envelope-from ) id <1X817e-0004wl-Nq>; Fri, 18 Jul 2014 07:54:22 +0200 Date: Fri, 18 Jul 2014 07:54:16 +0200 From: "O. Hartmann" To: Hooman Fazaeli Subject: Re: PostgreSQL performance on FreeBSD Message-ID: <20140718075416.2bde7e9d.ohartman@zedat.fu-berlin.de> In-Reply-To: <53C7EFA3.3070100@gmail.com> References: <20140627125613.GT93733@kib.kiev.ua> <20140716132938.GB93733@kib.kiev.ua> <53C7EFA3.3070100@gmail.com> Organization: FU Berlin X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.22; amd64-portbld-freebsd11.0) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/ktPsIHr7PD1VnsaAGF96FL2"; protocol="application/pgp-signature" X-Originating-IP: 85.179.168.30 X-ZEDAT-Hint: A Cc: Konstantin Belousov , performance@freebsd.org, current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 05:54:26 -0000 --Sig_/ktPsIHr7PD1VnsaAGF96FL2 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Am Thu, 17 Jul 2014 20:15:39 +0430 Hooman Fazaeli schrieb: > On 7/16/2014 5:59 PM, Konstantin Belousov wrote: > > On Fri, Jun 27, 2014 at 03:56:13PM +0300, Konstantin Belousov wrote: > >> Hi, > >> I did some measurements and hacks to see about the performance and > >> scalability of PostgreSQL 9.3 on FreeBSD, sponsored by The FreeBSD > >> Foundation. > >> > >> The results are described in https://kib.kiev.ua/kib/pgsql_perf.pdf. > >> The uncommitted patches, referenced in the article, are available as > >> https://kib.kiev.ua/kib/pig1.patch.txt > >> https://kib.kiev.ua/kib/patch-2 > > A followup to the original paper. > > > > Most importantly, I identified the cause for the drop on the graph > > after the 30 clients, which appeared to be the debugging version > > of malloc(3) in libc. > > > > Also there are some updates on the patches. > > > > New version of the paper is available at > > https://www.kib.kiev.ua/kib/pgsql_perf_v2.0.pdf > > The changes are marked as 'update for version 2.0'. >=20 > Thanks for the great work! >=20 > Did you tested the effect of hyper-threading (on or off) on the results? >=20 >=20 A "naive" question besides: Does this labor and effort only affects the work with the PostgreSQL 9.3 da= tabase and is recent FreeBSD only optimized for this servicing puprpose or provides this = also some benefeits for other high-performance scenarios? Oliver=20 --Sig_/ktPsIHr7PD1VnsaAGF96FL2 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJTyLaOAAoJEOgBcD7A/5N8MdIIAKTL6TAh/N2rDVC8qx4tIN7V DiSLcK2cBfkEXgPXJc6krk6QwDE5aTCJh3XUrnp2Fq8YSk+hK1+aVy/4Chr6oe7X q1wi1UNOvl6FPPntKZI7GFp2ML/1kjwKRMV/JKTfqOXegvlB/jLaEXi0wFkBUnRL mLnHXf3ORR4asBtleEstFe6YAdwfHwPV5jNs/lZrL9n62I7kf5UyR4e2xHqTrg29 23VNeAkfpqTDpLLAvZmjD4qBev1UtuqqCVwHqbJdPDF/dmXr+tJqWXh8xps4/6++ t1MeVq34uZlOyDZ7l6W/q8UzUx9E+p9wttFLfsksJmZfGFVQ3QQR6ooRXBSLJxE= =Qr8a -----END PGP SIGNATURE----- --Sig_/ktPsIHr7PD1VnsaAGF96FL2-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 11:06:55 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3AAE0D30; Fri, 18 Jul 2014 11:06:55 +0000 (UTC) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.69.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cell.glebius.int.ru", Issuer "cell.glebius.int.ru" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B4E982657; Fri, 18 Jul 2014 11:06:54 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.9/8.14.9) with ESMTP id s6IB6k1w023214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 18 Jul 2014 15:06:46 +0400 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.9/8.14.9/Submit) id s6IB6jdS023213; Fri, 18 Jul 2014 15:06:45 +0400 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Fri, 18 Jul 2014 15:06:45 +0400 From: Gleb Smirnoff To: "Kristian K. Nielsen" Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <20140718110645.GN87212@FreeBSD.org> References: <53C706C9.6090506@com.jkkn.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <53C706C9.6090506@com.jkkn.dk> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 11:06:55 -0000 Kristian, On Thu, Jul 17, 2014 at 01:12:09AM +0200, Kristian K. Nielsen wrote: K> a) First of all - are any actively developing pf in FreeBSD? No one right now. K> b) We are a major release away from OpenBSD (5.6 coming soon) - is K> following OpenBSD's pf the past? - should it be? Following OpenBSD on features would be cool, but no bulk imports would be made again. Bulk imports produce bad quality of port, and also pf in OpenBSD has no multi thread support. K> c) We never got the new syntax from OpenBSD 4.7's pf - at the time a K> long discussion on the pf-mailing list flamed the new syntax saying it K> would cause FreeBSD administrators too much headache. Today on the list K> it seems everyone wants it - so would we rather stay on a dead branch K> than keep up with the main stream? The pf mailing list is about a dozen of active people. Yes, they are vocal on the new syntax. But there also exist a large number of common FreeBSD users who simply use pf w/o caring about syntax and reading pf mailing list. If we destroy the syntax compatibility a very large population of users would be hurt, for the sake of making a dozen happy. K> d) Anyone working on bringing FreeBSD up to pf 5.6? - seem dead on the K> pf-list. See b). K> e) OpenBSD is retiring ALTQ entirely - any thoughts on that? K> http://undeadly.org/cgi?action=article&sid=20140419151959 We have plan on retiring the interface queues entirely. So, interfaces would have only a transmit method. However, we could make it pluggable: a altq_transmit is plugged in place of standard transmit. This will keep ALTQ in system, but w/o any affect on the rest of the stack. Very much like the pfil(9) interface cleansed up the network stack from ipfw/ipfilter hooks. This needs developer power, however. K> f) IPv6 support?- it seem to be more and more challenged in the current K> version of pf in FreeBSD and I am (as well as others) introducing more K> and more IPv6 in networks. K> E.x. Bugs #179392, #172648, #130381, #127920 and more seriously #124933, K> which is the bug on not handling IPv6 fragments which have been open K> since 2008 and where the workaround is necessity to leave an completely K> open hole in your firewall ruleset to allow all fragments. According to K> comment in the bug, this have been long gone in OpenBSD. Yes. This hurts a lot of people and needs manpower to be solved. K> g) Performance, can we live with pf-performance that compared to OpenBSD K> is slower by a factor of 3 or 4, even after the multi-core support in K> FreeBSD 10? K> (Henning Brauer noted that in this talk at K> http://tech.yandex.ru/events/yagosti/ruBSD/talks/1488/ (at 33:18 and K> 36:53)) - credit/Jim Thompson I was there. Henning Brauer impudently called "a lies" a fact that was carefully measured and provided with enough details (CPU, NIC, testing technique, configuration), so that anyone can reproduce and check that [1]. In next 10 seconds Henning Brauer claimed that on a single core OpenBSD is faster by a factor of 3 or 4, providing absolutely no test data. Impudently crying "Lies!" achieving approving laughter from the audience is a politian way of discussion. Uncorroborated claims, where predictions vary by 33%, is also politian tool. Henning definitely could made a carreer. Scientific way of discussion is making an experiment, publishing results and experiment details, so that anyone can reproduce. P.S. Not speaking about who cares about single core performance today? K> h) Bringing back patches from pfSense? Possible if they are useful and license permits. Again, manpower required. K> And my most important question: K> K> * Should this or could this be a project for the foundation to either do K> a summer project or funded project to bring this part of the OS up to date? First, we need a person, then we need funding. In late 2012, when I finished the pf-smp project, I was seeking for funding to continue. Couple negotiations failed. Now I lost the momentum on pf and switched to other tasks, so I am not available. [1] I mean the testing made by Olivier Cochard Labbé. https://twitter.com/ocochardlabbe/status/401349027960082432/photo/1 More details in mailing list archives, or you can request from Olivier. -- Totus tuus, Glebius. From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 12:10:31 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E39F0178; Fri, 18 Jul 2014 12:10:31 +0000 (UTC) Received: from mail.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 690A62C10; Fri, 18 Jul 2014 12:10:31 +0000 (UTC) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id 94EBE6A6032; Fri, 18 Jul 2014 14:10:26 +0200 (CEST) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.7/8.14.7) with ESMTP id s6ICAQWP044731; Fri, 18 Jul 2014 14:10:26 +0200 (CEST) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.7/8.14.7/Submit) id s6ICAP42043569; Fri, 18 Jul 2014 14:10:25 +0200 (CEST) (envelope-from lars) Date: Fri, 18 Jul 2014 14:10:25 +0200 From: Lars Engels To: Adrian Chadd Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140718121025.GD96250@e-new.0x20.net> Mail-Followup-To: Lars Engels , Adrian Chadd , Andreas Nilsson , Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="osDK9TLjxFScVI/L" Content-Disposition: inline In-Reply-To: X-Editor: VIM - Vi IMproved 7.4 X-Operation-System: FreeBSD 8.4-RELEASE-p4 User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports , Andreas Nilsson X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 12:10:32 -0000 --osDK9TLjxFScVI/L Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 01:00:03PM -0700, Adrian Chadd wrote: > On 17 July 2014 12:57, Andreas Nilsson wrote: > > > > > > > > On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd wrot= e: > >> > >> Hi! > >> > >> 3) The binary packages need to work out of the box > >> 4) .. which means, when you do things like pkg install apache, it > >> can't just be installed and not be enabled, because that's a bit of a > >> problem; > > > > I disagree on this. For network services on linux ( apart from ssh ), I= want > > that started very seldom. But I do want the package installed so that w= hen I > > need it, it is there. Having it autostart as part of being installed is > > breaking KISS and in some way unix philosophy: I asked for something to= be > > installed, not installed and autostarted. >=20 > That's cool. We can disagree on that. But the fact that you have to > edit a file to enable things and hope you get the right start entry in > /etc/rc.conf or /usr/local/etc/rc.conf, or wherever you put it is, is > a pain. No, Sir! No need to edit anything: root@testjail: # pkg install apache24 Updating repository catalogue The following 5 packages will be installed: Installing pcre: 8.33 Installing gdbm: 1.10 Installing db42: 4.2.52_5 Installing apr: 1.4.8.1.5.3 Installing apache24: 2.4.6_1 The installation will require 47 MB more space 5 MB to be downloaded Proceed with installing packages [y/N]: y gdbm-1.10.txz 100% 83KB 83.2KB/s 83.2KB/s 00:00 db42-4.2.52_5.txz 100% 1457KB 1.4MB/s 1.4MB/s 00:00 apr-1.4.8.1.5.3.txz 100% 390KB 389.5KB/s 389.5KB/s 00:00 apache24-2.4.6_1.txz 100% 3649KB 3.6MB/s 3.6MB/s 00:00 Checking integrity... done [1/5] Installing pcre-8.33... done [2/5] Installing gdbm-1.10... done [3/5] Installing db42-4.2.52_5... done [4/5] Installing apr-1.4.8.1.5.3... done [5/5] Installing apache24-2.4.6_1...=3D=3D=3D> Creating users and/or groups. Using existing group 'www'. Using existing user 'www'. /usr/local/share/examples/apache24/httpd.conf -> /usr/local/etc/apache24/httpd.conf done To run apache www server from startup, add apache24_enable=3D"yes" in your /etc/rc.conf. Extra options can be found in startup script. Your hostname must be resolvable using at least 1 mechanism in /etc/nsswitch.conf typically DNS or /etc/hosts or apache might have issues starting depending on the modules you are using. root@testjail: # sysrc apache24_enable=3Dyes apache24_enable: -> yes root@testjail: # service apache24 start Performing sanity check on apache24 configuration: AH00557: httpd: apr_sockaddr_info_get() failed for testjail AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message Syntax OK Starting apache24. AH00557: httpd: apr_sockaddr_info_get() failed for testjail AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message root@testjail: # That's 3 commands to enter. Admittedly 2 more than on some OS that blindly starts any service you install, but 2 steps more logical and even a newbie can do this. What could be done is that pkg looks for rc scripts in a package, extracts the enable line and prints a message how to enable the script / daemon permanently. Like:=20 - To start the script "apache24" once run "service apache24 onestart". - To start the script "apache24" at boot time run "sysrc apache24_enable=3D= yes" - The script "apache24" has the following optional settings for /etc/rc.con= f: apache24_profiles (str): Set to "" by default. Define your profiles here. apache24limits_enable (bool):Set to "NO" by default. Set it to yes to run `limits $limits_args` just before apache starts. apache24_flags (str): Set to "" by default. Extra flags passed to start command. apache24limits_args (str): Default to "-e -C daemon" Arguments of pre-start limits run. apache24_http_accept_enable (bool): Set to "NO" by default. Set to yes to check for accf_http kernel module on start up and load if not loaded. apache24_fib (str): Set an altered default network view for apa= che --osDK9TLjxFScVI/L Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQF8BAEBCgBmBQJTyQ6xXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjQwMDE3RTRERjUzMTI1N0FGRTUxNDlF NTRDQjM3RDNBMDg5RDZEAAoJEOVMs306CJ1t0EkH/0Q+FCOMJjhCxNR9bIhKsYsT nKypfbl/5FEeR+6jXadtsrhMqXSl1H2ptduWCP5x7QwaP3UgEzc00AQfBh+18B+R SXPZHffUP55n8sorqCKzp5glW+vQmfuCjX4ap5N62Ch1AfI2T6H5FKLLWDCJxDJ2 YKuqJOXuRVonvAyHsix6ducjKwEiS1bJFNeyCWEfsLY+1x5vHzq/plOve8BoAjG7 0uwT2I3LqAZeg3Vtfk3qWbvJhfZk+UjVrY6jHTUu4jVVyuZ8mPcJS0vtaSbyYFxK Iw8u9rLOXslkgzAhZE07LEyh6lsDI0yPkNu1H5euD2zvDp4NBaLWQI3ytOcnXuY= =/umA -----END PGP SIGNATURE----- --osDK9TLjxFScVI/L-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 12:14:21 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 754B84ED; Fri, 18 Jul 2014 12:14:21 +0000 (UTC) Received: from mail.0x20.net (mail.0x20.net [217.69.76.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E7BBC2CBE; Fri, 18 Jul 2014 12:14:20 +0000 (UTC) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id 223936A6032; Fri, 18 Jul 2014 14:14:18 +0200 (CEST) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.7/8.14.7) with ESMTP id s6ICEHE2044071; Fri, 18 Jul 2014 14:14:17 +0200 (CEST) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.7/8.14.7/Submit) id s6ICEHjp042859; Fri, 18 Jul 2014 14:14:17 +0200 (CEST) (envelope-from lars) Date: Fri, 18 Jul 2014 14:14:17 +0200 From: Lars Engels To: Adrian Chadd , Andreas Nilsson , Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140718121417.GE96250@e-new.0x20.net> Mail-Followup-To: Lars Engels , Adrian Chadd , Andreas Nilsson , Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports References: <20140718121025.GD96250@e-new.0x20.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="X3gaHHMYHkYqP6yf" Content-Disposition: inline In-Reply-To: <20140718121025.GD96250@e-new.0x20.net> X-Editor: VIM - Vi IMproved 7.4 X-Operation-System: FreeBSD 8.4-RELEASE-p4 User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 12:14:21 -0000 --X3gaHHMYHkYqP6yf Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 18, 2014 at 02:10:25PM +0200, Lars Engels wrote: > On Thu, Jul 17, 2014 at 01:00:03PM -0700, Adrian Chadd wrote: > > On 17 July 2014 12:57, Andreas Nilsson wrote: > > > > > > > > > > > > On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd wr= ote: > > >> > > >> Hi! > > >> > > >> 3) The binary packages need to work out of the box > > >> 4) .. which means, when you do things like pkg install apache, it > > >> can't just be installed and not be enabled, because that's a bit of a > > >> problem; > > > > > > I disagree on this. For network services on linux ( apart from ssh ),= I want > > > that started very seldom. But I do want the package installed so that= when I > > > need it, it is there. Having it autostart as part of being installed = is > > > breaking KISS and in some way unix philosophy: I asked for something = to be > > > installed, not installed and autostarted. > >=20 > > That's cool. We can disagree on that. But the fact that you have to > > edit a file to enable things and hope you get the right start entry in > > /etc/rc.conf or /usr/local/etc/rc.conf, or wherever you put it is, is > > a pain. >=20 > No, Sir! No need to edit anything: >=20 > root@testjail: # pkg install apache24 > Updating repository catalogue > The following 5 packages will be installed: >=20 > Installing pcre: 8.33 > Installing gdbm: 1.10 > Installing db42: 4.2.52_5 > Installing apr: 1.4.8.1.5.3 > Installing apache24: 2.4.6_1 >=20 > The installation will require 47 MB more space >=20 > 5 MB to be downloaded >=20 > Proceed with installing packages [y/N]: y > gdbm-1.10.txz 100% 83KB 83.2KB/s 83.2KB/s 00:00 > db42-4.2.52_5.txz 100% 1457KB 1.4MB/s 1.4MB/s 00:00 > apr-1.4.8.1.5.3.txz 100% 390KB 389.5KB/s 389.5KB/s 00:00 > apache24-2.4.6_1.txz 100% 3649KB 3.6MB/s 3.6MB/s 00:00 > Checking integrity... done > [1/5] Installing pcre-8.33... done > [2/5] Installing gdbm-1.10... done > [3/5] Installing db42-4.2.52_5... done > [4/5] Installing apr-1.4.8.1.5.3... done > [5/5] Installing apache24-2.4.6_1...=3D=3D=3D> Creating users and/or grou= ps. > Using existing group 'www'. > Using existing user 'www'. > /usr/local/share/examples/apache24/httpd.conf -> > /usr/local/etc/apache24/httpd.conf > done > To run apache www server from startup, add apache24_enable=3D"yes" > in your /etc/rc.conf. Extra options can be found in startup script. >=20 > Your hostname must be resolvable using at least 1 mechanism in > /etc/nsswitch.conf typically DNS or /etc/hosts or apache might > have issues starting depending on the modules you are using. >=20 > root@testjail: # sysrc apache24_enable=3Dyes > apache24_enable: -> yes >=20 > root@testjail: # service apache24 start > Performing sanity check on apache24 configuration: > AH00557: httpd: apr_sockaddr_info_get() failed for testjail > AH00558: httpd: Could not reliably determine the server's fully > qualified domain name, using 127.0.0.1. Set the 'ServerName' directive > globally to suppress this message > Syntax OK > Starting apache24. > AH00557: httpd: apr_sockaddr_info_get() failed for testjail > AH00558: httpd: Could not reliably determine the server's fully > qualified domain name, using 127.0.0.1. Set the 'ServerName' directive > globally to suppress this message > root@testjail: # >=20 >=20 > That's 3 commands to enter. Admittedly 2 more than on some OS that > blindly starts any service you install, but 2 steps more logical and > even a newbie can do this. >=20 > What could be done is that pkg looks for rc scripts in a package, > extracts the enable line and prints a message how to enable the script / > daemon permanently. >=20 > Like:=20 > - To start the script "apache24" once run "service apache24 onestart". > - To start the script "apache24" at boot time run "sysrc apache24_enable= =3Dyes" > - The script "apache24" has the following optional settings for /etc/rc.c= onf: > apache24_profiles (str): Set to "" by default. > Define your profiles here. > apache24limits_enable (bool):Set to "NO" by default. > Set it to yes to run `limits $limits_args` > just before apache starts. > apache24_flags (str): Set to "" by default. > Extra flags passed to start command. > apache24limits_args (str): Default to "-e -C daemon" > Arguments of pre-start limits run. > apache24_http_accept_enable (bool): Set to "NO" by default. > Set to yes to check for accf_http kernel > module on start up and load if not loaded. > apache24_fib (str): Set an altered default network view for a= pache >=20 >=20 >=20 Sorry for no reading the whole thread first. This was already suggested in another part of the thread. --X3gaHHMYHkYqP6yf Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQF7BAEBCgBmBQJTyQ+ZXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjQwMDE3RTRERjUzMTI1N0FGRTUxNDlF NTRDQjM3RDNBMDg5RDZEAAoJEOVMs306CJ1tYnQH92Fryi0AK/TnLdIfoYHluYJl TSDKYXMsq/DNhWQdTwDOLwU1GyUFnjvLm5RVvyODo6RIT4EnqH3hnOBJ9O/J5DFV T8/EiV863j+j6rKmwG/pzygM7JYy9T7cZEZBBj6tm8CSYZSOdbaCtSLeyof7z0EW NhNVISs5mqfGETTtnfLdRyRvYCqadpd691v2sgzus6ziCAo6f1DgA/PbM4sG7HRW 8DJW5xdSzV6kqZ24DbbvSiZVFzz1efpGbFKOgH27lpJglgqDzyK0gkxa6Dfg1xCd fkTc125cWCBdzI1dAeApfAhXsw3AL2RuY/KqdZLbsh+cXYmmT8JG7Ta+C/giLA== =UaRC -----END PGP SIGNATURE----- --X3gaHHMYHkYqP6yf-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 08:11:38 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2117F296; Fri, 18 Jul 2014 08:11:38 +0000 (UTC) Received: from mail-yh0-x232.google.com (mail-yh0-x232.google.com [IPv6:2607:f8b0:4002:c01::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CAF3A27B4; Fri, 18 Jul 2014 08:11:37 +0000 (UTC) Received: by mail-yh0-f50.google.com with SMTP id v1so2045286yhn.37 for ; Fri, 18 Jul 2014 01:11:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=XPd/wE3+ruCTYWW2TqoVwNtkg3y4evsTERaG6eWFkmM=; b=NdM+vUpjSLIZcN068v0e6vLXv3yeo4JmS0wSnbQIpzKBynceqKccrEvJ5vi7DFkJCb qlBoomMQmgr7rq67s/7up9VzotlvFhhvLHIxUFYNm4NM4jt6AR+ZEeFaA1Toz0yhtJL3 Wz3v8mj7zSUksP3JVXf2xr3eoLv11SDMUecU4U1a9L94+qFSIbm/coltzPcEYHcYm2Ep 8FqfNXqsTef4I4Tys17fNBN3BPhonTn6LZvlHXkgGfDHlJqXBnwi0vHIXgbZx+SFtvGl b5n+XUhq6s3iMwfpaEQFmqtcZsYnzDbFxCA47TC1esz/UnwLKylKHtJfamt9e6JrQBhU Ltjg== MIME-Version: 1.0 X-Received: by 10.236.130.77 with SMTP id j53mr4781689yhi.139.1405671096853; Fri, 18 Jul 2014 01:11:36 -0700 (PDT) Received: by 10.170.132.80 with HTTP; Fri, 18 Jul 2014 01:11:36 -0700 (PDT) In-Reply-To: <53C706C9.6090506@com.jkkn.dk> References: <53C706C9.6090506@com.jkkn.dk> Date: Fri, 18 Jul 2014 09:11:36 +0100 Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: krad To: "Kristian K. Nielsen" X-Mailman-Approved-At: Fri, 18 Jul 2014 12:20:50 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: freebsd-current@freebsd.org, FreeBSD Questions X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 08:11:38 -0000 I would like to see an updated version of pf. I realize its a big job to port it though On 17 July 2014 00:12, Kristian K. Nielsen wrote: > Hi all, > > I have been encouraged by people on the pf-mailinglist to move this > discussion to the current mailinglist since this may be an area in the OS > where FreeBSD need to focus on next. > > First of all I am a happy user of the pf-firewall module and have been fo= r > years and think it is really great - the trouble is that lately (since > 2008) its getting a bit dusty. > > The last few years it seem that pf in FreeBSD got a long way away from pf > in OpenBSD where it originated > - also looking at the ipfilter (ipf) and ipfw - they both to me do not > seem to be as complete as pf. > > So I am curious if any on the mailing could elaborate about what the > future of pf in FreeBSD is or should be. > > a) First of all - are any actively developing pf in FreeBSD? > > b) We are a major release away from OpenBSD (5.6 coming soon) - is > following OpenBSD's pf the past? - should it be? > > c) We never got the new syntax from OpenBSD 4.7's pf - at the time a long > discussion on the pf-mailing list flamed the new syntax saying it would > cause FreeBSD administrators too much headache. Today on the list it seem= s > everyone wants it - so would we rather stay on a dead branch than keep up > with the main stream? > > d) Anyone working on bringing FreeBSD up to pf 5.6? - seem dead on the > pf-list. > > e) OpenBSD is retiring ALTQ entirely - any thoughts on that? > http://undeadly.org/cgi?action=3Darticle&sid=3D20140419151959 > > f) IPv6 support?- it seem to be more and more challenged in the current > version of pf in FreeBSD and I am (as well as others) introducing more an= d > more IPv6 in networks. > E.x. Bugs #179392, #172648, #130381, #127920 and more seriously #124933, > which is the bug on not handling IPv6 fragments which have been open sinc= e > 2008 and where the workaround is necessity to leave an completely open ho= le > in your firewall ruleset to allow all fragments. According to comment in > the bug, this have been long gone in OpenBSD. > > g) Performance, can we live with pf-performance that compared to OpenBSD > is slower by a factor of 3 or 4, even after the multi-core support in > FreeBSD 10? > (Henning Brauer noted that in this talk at http://tech.yandex.ru/events/ > yagosti/ruBSD/talks/1488/ (at 33:18 and 36:53)) - credit/Jim Thompson > > h) Bringing back patches from pfSense? > > And my most important question: > > * Should this or could this be a project for the foundation to either do = a > summer project or funded project to bring this part of the OS up to date? > > > Hope to heard from you all, > > Best regards, > > Kristian Kr=C3=A6mmer Nielsen, > Odense, Denmark > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:02:23 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E7EC486; Fri, 18 Jul 2014 13:02:23 +0000 (UTC) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4AEF720FD; Fri, 18 Jul 2014 13:02:22 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 053FA28427; Fri, 18 Jul 2014 14:56:20 +0200 (CEST) Received: from illbsd.quip.test (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 208DF28422; Fri, 18 Jul 2014 14:56:19 +0200 (CEST) Message-ID: <53C919D9.4030006@quip.cz> Date: Fri, 18 Jul 2014 14:58:01 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26 MIME-Version: 1.0 To: Gleb Smirnoff , "Kristian K. Nielsen" Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> In-Reply-To: <20140718110645.GN87212@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:02:23 -0000 Gleb Smirnoff wrote, On 07/18/2014 13:06: [...] > The pf mailing list is about a dozen of active people. Yes, they are vocal > on the new syntax. But there also exist a large number of common FreeBSD > users who simply use pf w/o caring about syntax and reading pf mailing > list. If we destroy the syntax compatibility a very large population of > users would be hurt, for the sake of making a dozen happy. I don't agree on this part. Almost every bigger project / application needs to make some uncompatible changes over time. Apache, MySQL, PHP, GNOME, KDE... or FreeBSD itself with recent changes from pkg_* to pkg(ng). Backward compatibility cannot be maintained infinitely if new features should be added. I don't see the reason why PF should be exception. And I am writing this as one who really don't need any new PF features, but I am fine with syntax change in newer FreeBSD major version. There were bigger problem with pf.conf in the past - freebsd-update deleted it and machine was unprotected after reboot. So properly announced syntax change and tutorial to conversions is not problem for me and I hope for some others too. Miroslav Lachman From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:22:27 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD29FFF7; Fri, 18 Jul 2014 13:22:27 +0000 (UTC) Received: from umail.aei.mpg.de (umail.aei.mpg.de [194.94.224.6]) by mx1.freebsd.org (Postfix) with ESMTP id 7FAB7236C; Fri, 18 Jul 2014 13:22:26 +0000 (UTC) Received: from mailgate.aei.mpg.de (mailgate.aei.mpg.de [194.94.224.5]) by umail.aei.mpg.de (Postfix) with ESMTP id E26FA200A42; Fri, 18 Jul 2014 15:13:06 +0200 (CEST) Received: from mailgate.aei.mpg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id D4D32405889; Fri, 18 Jul 2014 15:13:06 +0200 (CEST) Received: from intranet.aei.uni-hannover.de (ahin1.aei.uni-hannover.de [130.75.117.40]) by mailgate.aei.mpg.de (Postfix) with ESMTP id 3EE83406AF1; Fri, 18 Jul 2014 15:13:06 +0200 (CEST) Received: from cascade.aei.uni-hannover.de ([10.117.15.111]) by intranet.aei.uni-hannover.de (Lotus Domino Release 8.5.3FP6) with ESMTP id 2014071815125603-34207 ; Fri, 18 Jul 2014 15:12:56 +0200 Date: Fri, 18 Jul 2014 15:12:55 +0200 From: Gerrit =?ISO-8859-1?Q?K=FChn?= To: Gleb Smirnoff Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-Id: <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> In-Reply-To: <20140718110645.GN87212@FreeBSD.org> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> Organization: Max Planck Gesellschaft X-Mailer: Sylpheed 3.1.3 (GTK+ 2.24.19; amd64-portbld-freebsd8.2) Mime-Version: 1.0 X-MIMETrack: Itemize by SMTP Server on intranet/aei-hannover(Release 8.5.3FP6|November 21, 2013) at 07/18/2014 15:12:56, Serialize by Router on intranet/aei-hannover(Release 8.5.3FP6|November 21, 2013) at 07/18/2014 15:13:06, Serialize complete at 07/18/2014 15:13:06 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-PMX-Version: 6.0.2.2308539, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2014.7.18.130319 X-PerlMx-Spam: Gauge=IIIIIIIII, Probability=9%, Report=' MULTIPLE_RCPTS 0.1, HTML_00_01 0.05, HTML_00_10 0.05, MIME_LOWER_CASE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1000_LESS 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, BODY_SIZE_900_999 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __MULTIPLE_RCPTS_CC_X2 0, __SANE_MSGID 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __URI_NO_PATH 0, __URI_NO_WWW 0, __URI_NS ' Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:22:27 -0000 On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff wrote about Re: Future of pf / firewall in FreeBSD ? - does it have one ?: GS> The pf mailing list is about a dozen of active people. Yes, they are GS> vocal on the new syntax. But there also exist a large number of common GS> FreeBSD users who simply use pf w/o caring about syntax and reading pf GS> mailing list. If we destroy the syntax compatibility a very large GS> population of users would be hurt, for the sake of making a dozen GS> happy. I have thought about this for some time now, and I think I do not agree. I do remember quite well when OpenBSD changed from ipf to pf, and I had to come up with new rules files. Yes, this is a burden for people maintaining these systems, but if the thing is well documented and comes with benefits (like staying in sync with other developers, allowing new features etc.) I doubt that many people will really be minding this. cu Gerrit From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:27:53 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21E41543 for ; Fri, 18 Jul 2014 13:27:53 +0000 (UTC) Received: from mx1.scaleengine.net (beauharnois2.bhs1.scaleengine.net [142.4.218.15]) by mx1.freebsd.org (Postfix) with ESMTP id EC32423E3 for ; Fri, 18 Jul 2014 13:27:52 +0000 (UTC) Received: from [192.168.1.2] (senat1-01.HML3.ScaleEngine.net [209.51.186.5]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id D392411407 for ; Fri, 18 Jul 2014 13:27:45 +0000 (UTC) Message-ID: <53C920EA.7050604@freebsd.org> Date: Fri, 18 Jul 2014 09:28:10 -0400 From: Allan Jude User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? References: In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="xKMfuV1JncwjcxvmMEsBuVpVK6FVn3DmO" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:27:53 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --xKMfuV1JncwjcxvmMEsBuVpVK6FVn3DmO Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 2014-07-17 16:12, Adrian Chadd wrote: > On 17 July 2014 13:03, Alberto Mijares wrote: >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wro= te: >>> Hi! >>> >>> 3) The binary packages need to work out of the box >>> 4) .. which means, when you do things like pkg install apache, it >>> can't just be installed and not be enabled, because that's a bit of a= >>> problem; >> >> >> No. Please NEVER do that! The user must be able to edit the files and >> start the service by himself. >=20 > Cool, so what's the single line command needed to type in to start a > given package service? >=20 >=20 >=20 > -a > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.o= rg" >=20 We could make 'service apache22 enable' which can run: sysrc -f /etc/rc.conf apache22_enable=3D"YES" and 'service apache22 disable' that can use sysrc -x And then ports can individually extend the functionality if they require.= --=20 Allan Jude --xKMfuV1JncwjcxvmMEsBuVpVK6FVn3DmO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTySDuAAoJEJrBFpNRJZKf7lIP/jlovGD5sDRQN+xzykoKI+GW YeEymE5T7YcZ16dnK/a4KN7Up+70SQ4WXVhBmzPUI5hyderfnOLUsyVGtm2lCsgs K3A7EMXzFKpWhMwSG0w/fvfjC5JgT+UvkQQWaN8egL/C6EUfiWgGf90eHdGFjgBu Lo0D92R0yUeOHB/3IrRAaCY4IETUkzRvPLiTaZZmgS5z/i0WGPRkkvL0pBqSNah6 0FVKK50pJTNRv4/WJfrla625m/BAtNbG+qDdQ4phXaLV7QrJ+b8r1IqkiWNXvgcH 5QG8yB0kvcZ8N0Ccw8vO+8cNo5/tRQT1w4jTpgBrBQJ8mu3plpvFxmL/B2foXg6e E5ZzOYrp5do5Nkk7phPti9hOu5PLgEX4mEqW3th7W2ylpNAvV31gDl16Zg7bcyax vbzTcAvSn34hrzjODPTs6mHlz0lGjK/N1fzr8mqZTsO+ikoKAFPQ4KKS5O2HASs2 XaAOG0zhFIm30AUho31I0v7OTf9BBZSPAegnRdDROyC26t598Gqf7nSLzqfy43nF 4Zii7qeokF8D5354NL+MNc4KE8lPR65QfpgY5PzT3ZKv7eGq8HeJv3XBTKfprHpX 4MKGQdp1hcH03ZMhUymv+8ANzFt4k+bV276u/RSGy6W7hLvf4FPDNaVDQkxnw/T4 XJSqMqMuVlv5R0Buvbjw =lg22 -----END PGP SIGNATURE----- --xKMfuV1JncwjcxvmMEsBuVpVK6FVn3DmO-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:31:14 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0782688; Fri, 18 Jul 2014 13:31:14 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3F9C6240D; Fri, 18 Jul 2014 13:31:14 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id 443a0443; Fri, 18 Jul 2014 08:31:05 -0500 (CDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=feld.me; h=mime-version :date:content-type:content-transfer-encoding:message-id:from :subject:to:cc:in-reply-to:references:sender; s=blargle2; bh=hIG 20hA2iVC6maQqf0jihHlqTpE=; b=I4JHsIAYNxDxaakj0TrmxBy1jLuCGHjwxFI WHVm3LCgG+3PwWEzOCQv9ckX3G+yJMImiNCwdu0RJzR2w/FDmHkhM5POrsPd84vU MXspgd9O2udTXDWPqN/tY8dzov7caRbgsnJ4hiknHzN91y6v314ZaZfXhyFbQX30 92KKjUmvR1yY4ZmMDRo5vy1T0qmbpGkk1udFZCBEfyKcGWHOT3fVznzwHlR8bk8S I5ZLK5naRsS77Lkr/BMclzPWv7uaprO1QThtfgiM8WOrXDkE+SPVt043YFItwCzh 4LJYJVwuTgalgAp0j5uCZb+JP02pTLVEgvrxeQmvgim9QIywwuQ== DomainKey-Signature: a=rsa-sha1; c=nofws; d=feld.me; h=mime-version:date :content-type:content-transfer-encoding:message-id:from:subject :to:cc:in-reply-to:references:sender; q=dns; s=blargle2; b=sgTAm o7qpI7+8Zzo9GCx8vll/ZasCfITBf5EjzUENNR8CKPgsI2iRXv5NUqf65xjt7sUx bIBuceD+hU2xedtvavg8lui1CpG3Q4UbOFPGl4iVRczXHv2eTbLWQVlGbJqWEOvr kCgt5gxkuNfggO7g0KJJyoLsTlPXsIWC5kwLgf3JizjrgCG+1OLLJQWRgRfQd9jL 0i9bibE8BvkPFsvRTtFI1wcXA6KUAMXzcpndEBWc/G7aCSMEp8RFxc70OzmHTzgs UOv9FzDDNjVyQzaezPosUKxY8laU38Ih3GRt9Zt/zyLJ2V4YjWiTpQAnqVLobXuT UJoHzaFjBdW1CUD6w== Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id 4550618f; Fri, 18 Jul 2014 08:31:05 -0500 (CDT) Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with esmtpa id 1405690264-5783-5781/5/5; Fri, 18 Jul 2014 13:31:04 +0000 Mime-Version: 1.0 Date: Fri, 18 Jul 2014 13:31:04 +0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Message-Id: <8da9925f076f28b88e4d34ec0dda7dd8@mail.feld.me> X-Mailer: RainLoop/1.6.8.151 From: Mark Felder Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? To: Gleb Smirnoff , "Kristian K. Nielsen" In-Reply-To: <20140718110645.GN87212@FreeBSD.org> References: <20140718110645.GN87212@FreeBSD.org> <53C706C9.6090506@com.jkkn.dk> Sender: feld@feld.me Cc: freebsd-current@freebsd.org, freebsd-questions@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:31:14 -0000 July 18 2014 6:07 AM, "Gleb Smirnoff" wrote:=20 > Kristian, >=20 > On Thu, Jul 17, 2014 at 01:12:09AM +0200, Kristian K. Nielsen wrote: > K> a) First of all - are any actively developing pf in FreeBSD? >=20 > No one right now. >=20 How do we fix this? Can the FreeBSD Foundation step in and provide = funding? Our most popular firewall doesn't play well with IPv6 in a time = when everyone is pushing IPv6. This is not exactly a good situation to = be in. From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:33:33 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 62F828DC; Fri, 18 Jul 2014 13:33:33 +0000 (UTC) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.69.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cell.glebius.int.ru", Issuer "cell.glebius.int.ru" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D94E524BD; Fri, 18 Jul 2014 13:33:31 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.9/8.14.9) with ESMTP id s6IDXOM3034916 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 18 Jul 2014 17:33:24 +0400 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.9/8.14.9/Submit) id s6IDXOos034915; Fri, 18 Jul 2014 17:33:24 +0400 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Fri, 18 Jul 2014 17:33:24 +0400 From: Gleb Smirnoff To: Mark Felder Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <20140718133324.GB30415@glebius.int.ru> References: <20140718110645.GN87212@FreeBSD.org> <53C706C9.6090506@com.jkkn.dk> <8da9925f076f28b88e4d34ec0dda7dd8@mail.feld.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8da9925f076f28b88e4d34ec0dda7dd8@mail.feld.me> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: "Kristian K. Nielsen" , freebsd-current@freebsd.org, freebsd-questions@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:33:33 -0000 Mark, On Fri, Jul 18, 2014 at 01:31:04PM +0000, Mark Felder wrote: M> > On Thu, Jul 17, 2014 at 01:12:09AM +0200, Kristian K. Nielsen wrote: M> > K> a) First of all - are any actively developing pf in FreeBSD? M> > M> > No one right now. M> > M> M> How do we fix this? Can the FreeBSD Foundation step in and provide funding? Our most popular firewall doesn't play well with IPv6 in a time when everyone is pushing IPv6. This is not exactly a good situation to be in. I can't speak for FreeBSD Foundation, but I suppose, that they can. However, first you need to find a developer, then fund him. -- Totus tuus, Glebius. From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:46:45 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 600CEFB5; Fri, 18 Jul 2014 13:46:45 +0000 (UTC) Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 984982615; Fri, 18 Jul 2014 13:46:44 +0000 (UTC) Received: by mail-wi0-f170.google.com with SMTP id f8so1200443wiw.3 for ; Fri, 18 Jul 2014 06:46:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:cc:subject:in-reply-to:references:user-agent:date :message-id:mime-version:content-type:content-transfer-encoding; bh=0GvcNRo1e1n3Kua98vLGsjO8ab7yNFXD6HrjLxog9MA=; b=SJjendjRUzkprMBh1MRlaOqEHpVwmYIuhWw13ZWtWwyEodeou6xM5v0jTz3V1vo8xN 8uv115Iodbit+A8YWJyEyQAMUEyMCPw/UADb0dBkU0QpxZ4OdtxpbCAniSd1pENdTSrN TypcG3iHE89cGWwavO6M+ECtwkr0YnN/hcuTUtILFrQLbHVlQLjFCWPOF2V251bxvfak Q9d8UxEkjDtopf4oM2WyKvuoMf8w9WdlxHJhV84XsNlSb2hoDP46AWhg2nqSMVa6JtRj y/VNX7TO0ZPdGKe7EcnQYhEPLTld/wtDgD3BsyLNu7qdKTTTA2+8HzoVQzyTTZVceVQS EXQw== X-Received: by 10.194.200.3 with SMTP id jo3mr7083878wjc.110.1405691202824; Fri, 18 Jul 2014 06:46:42 -0700 (PDT) Received: from srvbsdfenssv.interne.associated-bears.org (LCaen-151-92-21-48.w217-128.abo.wanadoo.fr. [217.128.200.48]) by mx.google.com with ESMTPSA id ja9sm6927863wic.8.2014.07.18.06.46.41 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jul 2014 06:46:41 -0700 (PDT) Sender: Eric Masson Received: from srvbsdfenssv.interne.associated-bears.org (localhost [127.0.0.1]) by srvbsdfenssv.interne.associated-bears.org (Postfix) with ESMTP id 865A7CF473; Fri, 18 Jul 2014 15:46:38 +0200 (CEST) X-Virus-Scanned: amavisd-new at interne.associated-bears.org Received: from srvbsdfenssv.interne.associated-bears.org ([127.0.0.1]) by srvbsdfenssv.interne.associated-bears.org (srvbsdfenssv.interne.associated-bears.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 22rvgSjRcat7; Fri, 18 Jul 2014 15:46:37 +0200 (CEST) Received: by srvbsdfenssv.interne.associated-bears.org (Postfix, from userid 1001) id CD4B5CF2E3; Fri, 18 Jul 2014 15:46:37 +0200 (CEST) From: Eric Masson To: Gleb Smirnoff Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? In-Reply-To: <20140718110645.GN87212@FreeBSD.org> (Gleb Smirnoff's message of "Fri, 18 Jul 2014 15:06:45 +0400") References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) X-Operating-System: FreeBSD 9.2-RELEASE-p8 amd64 Date: Fri, 18 Jul 2014 15:46:37 +0200 Message-ID: <86a986hj9e.fsf@srvbsdfenssv.interne.associated-bears.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Cc: "Kristian K. Nielsen" , freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:46:45 -0000 Gleb Smirnoff writes: Hi, > Following OpenBSD on features would be cool, but no bulk imports > would be made again. Bulk imports produce bad quality of port, > and also pf in OpenBSD has no multi thread support. Seems this is the Next Big Thing â„¢ that will hit OpenBSD/pf according to last conferences slides. Don't know enough about FreeBSD or OpenBSD internals to see if a straight port could be possible. Éric Masson -- AP disait à Grand Neuneu : blagues GNU en signature... Le contraire m'aurait étonné. -+- AP in : Le neuneu par l'exemple -+- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:58:07 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 247CF500; Fri, 18 Jul 2014 13:58:07 +0000 (UTC) Received: from host64.kissl.de (host64.kissl.de [213.239.241.64]) by mx1.freebsd.org (Postfix) with ESMTP id A230E2705; Fri, 18 Jul 2014 13:58:06 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by host64.kissl.de (Postfix) with ESMTP id 57E20A5A66C3; Fri, 18 Jul 2014 15:51:48 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at host64.kissl.de Received: from host64.kissl.de ([127.0.0.1]) by localhost (host64.kissl.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TCXpKAwmq2E2; Fri, 18 Jul 2014 15:51:48 +0200 (CEST) Received: from [172.20.10.3] (unknown [46.114.30.79]) (Authenticated sender: web104p1) by host64.kissl.de (Postfix) with ESMTPSA id 81815A5A6189; Fri, 18 Jul 2014 15:51:47 +0200 (CEST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Franco Fichtner In-Reply-To: <53C706C9.6090506@com.jkkn.dk> Date: Fri, 18 Jul 2014 15:51:42 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <6326AB9D-C19A-434B-9681-380486C037E2@lastsummer.de> References: <53C706C9.6090506@com.jkkn.dk> To: "Kristian K. Nielsen" X-Mailer: Apple Mail (2.1878.6) Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:58:07 -0000 Hi Kristian, On 17 Jul 2014, at 01:12, Kristian K. Nielsen = wrote: > a) First of all - are any actively developing pf in FreeBSD? not directly related to FreeBSD, but I was planning to bring DragonFly's pf to a new feature state. We've had a little bit of discussion over the recent DF SMP fixes on an OpenBSD mailing list, but the outcome was a tad disappointing to say the least. > b) We are a major release away from OpenBSD (5.6 coming soon) - is > following OpenBSD's pf the past? - should it be? Yes and no. :) I still stand by my claim that SMP is the fork on the road for pf development; having three major BSDs tackling the work in some way or another (NetBSD chose npf, but that's a different story). We should merge newer features for sure, but we have to establish that the forking of pf was an inevitable process and that the custom SMP bits are not going away and need to be maintained separately/individually. > c) We never got the new syntax from OpenBSD 4.7's pf - at the time a = long discussion on the pf-mailing list flamed the new syntax saying it = would cause FreeBSD administrators too much headache. Today on the list = it seems everyone wants it - so would we rather stay on a dead branch = than keep up with the main stream? I'd say many people are comfortable with an old state of pf (silent majority), but that shouldn't keep us from catching up with newer features (and of course bugfixes). > d) Anyone working on bringing FreeBSD up to pf 5.6? - seem dead on the = pf-list. Not exactly, but I have a strong interest in this happening and am able to help. :) > e) OpenBSD is retiring ALTQ entirely - any thoughts on that? > http://undeadly.org/cgi?action=3Darticle&sid=3D20140419151959 The reasoning is sound. I think the direction is good, although one probably can't rip out ALTQ just like that in FreeBSD. > f) IPv6 support?- it seem to be more and more challenged in the = current version of pf in FreeBSD and I am (as well as others) = introducing more and more IPv6 in networks. > E.x. Bugs #179392, #172648, #130381, #127920 and more seriously = #124933, which is the bug on not handling IPv6 fragments which have been = open since 2008 and where the workaround is necessity to leave an = completely open hole in your firewall ruleset to allow all fragments. = According to comment in the bug, this have been long gone in OpenBSD. Needs to be taken care of. Getting more and more important. ;) > g) Performance, can we live with pf-performance that compared to = OpenBSD is slower by a factor of 3 or 4, even after the multi-core = support in FreeBSD 10? > (Henning Brauer noted that in this talk at = http://tech.yandex.ru/events/yagosti/ruBSD/talks/1488/ (at 33:18 and = 36:53)) - credit/Jim Thompson A factor 3 or 4 times is the proverbial "it's one louder". SMP scaling can reach more performance im the long run, and pf can still be tweaked to increase "atomic" performance, although the physical algorithm limits are a lot more finite than with SMP. > h) Bringing back patches from pfSense? Those patches are not available anymore since pfSense changed the visibility of the pfsense-tools.git. I would welcome to see those patches trickle back under a standard BSD license for review and inclusion when viable. But first of all, we need those patches back. Cheers, Franco= From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:28:39 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 781EA61E; Fri, 18 Jul 2014 14:28:39 +0000 (UTC) Received: from mail.0x20.net (mail.0x20.net [217.69.76.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1F8842A31; Fri, 18 Jul 2014 14:28:38 +0000 (UTC) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id CE0B76A6032; Fri, 18 Jul 2014 16:28:35 +0200 (CEST) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.7/8.14.7) with ESMTP id s6IESZla006848; Fri, 18 Jul 2014 16:28:35 +0200 (CEST) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.7/8.14.7/Submit) id s6IESZpS006396; Fri, 18 Jul 2014 16:28:35 +0200 (CEST) (envelope-from lars) Date: Fri, 18 Jul 2014 16:28:35 +0200 From: Lars Engels To: Andreas Nilsson Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140718142835.GF96250@e-new.0x20.net> Mail-Followup-To: Lars Engels , Andreas Nilsson , Navdeep Parhar , Craig Rodrigues , Adrian Chadd , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports References: <53C82EC4.8060304@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="aPdhxNJGSeOG9wFI" Content-Disposition: inline In-Reply-To: X-Editor: VIM - Vi IMproved 7.4 X-Operation-System: FreeBSD 8.4-RELEASE-p4 User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Adrian Chadd , ports , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:28:39 -0000 --aPdhxNJGSeOG9wFI Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrot= e: >=20 > > On 07/17/14 13:12, Adrian Chadd wrote: > > > On 17 July 2014 13:03, Alberto Mijares wrote: > > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > > wrote: > > >>> Hi! > > >>> > > >>> 3) The binary packages need to work out of the box > > >>> 4) .. which means, when you do things like pkg install apache, it > > >>> can't just be installed and not be enabled, because that's a bit of= a > > >>> problem; > > >> > > >> > > >> No. Please NEVER do that! The user must be able to edit the files and > > >> start the service by himself. > > > > > > Cool, so what's the single line command needed to type in to start a > > > given package service? > > > > Aren't sysrc(8) and service(8) for this kind of stuff? > > >=20 > They sure are. >=20 > Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would do. > Although some services have different names than the packge, which is sort > of annoying. I hacked up a solution for service(8): http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch The patch adds the following directives to service(8): enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=3DYES" disable: The opposite of enable rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using "sysrc -x foo_enable" The nice thing about is that you can use one of the new directives on one line with the old ones, as long as the new are the first argument: # service syslogd enable # service apache24 disable stop # service apache24 rcdelete stop # service nginx enable start So after installing a package, to start and enable a daemon permanently all you have to run is # service foo enable start Lars P.S.: Thansk to Devin for his hard work on sysrc! --aPdhxNJGSeOG9wFI Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQF8BAEBCgBmBQJTyS8TXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjQwMDE3RTRERjUzMTI1N0FGRTUxNDlF NTRDQjM3RDNBMDg5RDZEAAoJEOVMs306CJ1tfowH/A9Q4mw598FoIhOWJ3lQ40W3 srBxvcIOLpr80N4Z65QRuuO+Xun3hmRQ9SWUpBPgs+reV0VDV+GgCfg4/9P1zoVT rPyXSgHA99v/sDcVgA4dTiKUXqlD8bm9fEI7JbvSv8RQzKgFirNb1IPe96S7Rsex nsGXZw33yS/SZoAqVreLenJ//+Hxfj4dIBZ8YrrAZLxvMR4WmiOTUDfxctUTWf3F eWm4c5Joj4M+1iN1fuc1DW8oPvFOgtuRTkLX1PBjNcBDpRFtVxrU4E+46SrAlgxl H+fsRUPtjfaDIyLXfjvsx/dkfCqwLXBDh80Zp77P9TBr71hjmR+Sozi38lGkAAY= =Q4Si -----END PGP SIGNATURE----- --aPdhxNJGSeOG9wFI-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:32:34 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F73F837 for ; Fri, 18 Jul 2014 14:32:34 +0000 (UTC) Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2CA862AC9 for ; Fri, 18 Jul 2014 14:32:34 +0000 (UTC) Received: by mail-la0-f45.google.com with SMTP id ty20so2897385lab.4 for ; Fri, 18 Jul 2014 07:32:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=hJU10m6KiDxn+JHI07MlMqabsL182BF0Qil53ph96w4=; b=SLy+4LOk+gY2plIz/tChyZrnQWPH4mGPGmliIifJ+7lTo2/nRRuJrYuYqFz9nZqoPP TqcRH5F5ZiItCoaGBkYl2RmO7fA+CUuCuAbRS0oHVt7qc8qNVKq25ZKL9T3+Db1vyIIx 5MmTefRlhfBIj2qIc5mbePq+0kbMKWiyf1mguJmKmIf/iq78OnMIsH71Gmi6xfP9cU3z YRuTPHKffQYaEm8ckpS09R9cVTII9hFopZl5ARaOGHakFY+0fyVfX19774EjUiVuFEJh 8ptU+LwXe4aYQqXEQg+cjaZW8eZhiEZYtOGSwKcpQrRxTQq5WrgrWc8LRbffdUrlmLsQ 5XHw== MIME-Version: 1.0 X-Received: by 10.112.131.8 with SMTP id oi8mr5281541lbb.87.1405693951708; Fri, 18 Jul 2014 07:32:31 -0700 (PDT) Received: by 10.112.136.65 with HTTP; Fri, 18 Jul 2014 07:32:31 -0700 (PDT) Date: Fri, 18 Jul 2014 16:32:31 +0200 Message-ID: Subject: VT and kms is broken on a Lenovo Thinkpad E530 From: Daniel Peyrolon To: freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:32:34 -0000 Hello there, I have both and a end-of-June installed kernels (the second at /boot/kernel.old), and somehow, the console stops working when it changes its mode. I'm using the most recent one, I installed xdm and I'm running xorg over here, without problems. The problems arise when I try to use the console, the screen just shows a static image of the last xorg frame, with some weird colors. What info do you need to fix this? -- Daniel From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:42:57 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63C17E17 for ; Fri, 18 Jul 2014 14:42:57 +0000 (UTC) Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2631D2BB9 for ; Fri, 18 Jul 2014 14:42:57 +0000 (UTC) Received: by mail-qg0-f53.google.com with SMTP id q107so3207487qgd.26 for ; Fri, 18 Jul 2014 07:42:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=6PZX9JyCLjQ5agfBpa+osubF04Wo0syh/tAL2Yr8Et0=; b=vrroKsQt9+aSFEewW8/phJckrfywgawC4t6kbRN2yjojA2w5h6hSogM7wVVWld38eN I3kaGH6K7aGtzArVJ/EyeZiV3Vaw6iyDOrsoIp7UtxZV2pMHn5Q2sC5VZeoYUrrO8Z/2 Blel2PDUeGziMpQ5qqsTpmdtEwQ0wtzo74fFgJviJWAAGl9dTEHh71R2QrfncW6ToKnU 8+nAI75uIi4C7sukRooEEzkEB9ImAV00HS4dXn4fFACsqf36xnIVNqnhIvksKRjO8Un9 rV72pHQuattdaaWQPiIDHVLYvVgLnKhcNisRnlWmQ9jYkCKCpbDi9W/HaXldN7TaacbU uOuA== MIME-Version: 1.0 X-Received: by 10.140.50.50 with SMTP id r47mr8505247qga.96.1405694573849; Fri, 18 Jul 2014 07:42:53 -0700 (PDT) Sender: carpeddiem@gmail.com Received: by 10.140.82.176 with HTTP; Fri, 18 Jul 2014 07:42:53 -0700 (PDT) In-Reply-To: References: Date: Fri, 18 Jul 2014 10:42:53 -0400 X-Google-Sender-Auth: W3wub_oj6jnet5oBuw6eJ8ytDoo Message-ID: Subject: Re: VT and kms is broken on a Lenovo Thinkpad E530 From: Ed Maste To: Daniel Peyrolon Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Current X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:42:57 -0000 On 18 July 2014 10:32, Daniel Peyrolon wrote: > The problems arise when I try to use the console, the screen just shows a > static image of the last xorg frame, with some weird colors. I presume you mean you try to access the console by pressing Ctrl-Alt-F1 (for example), and then see the static odd-coloured image. This behaviour is consistent with syscons(4), which cannot properly switch back to a vty. Can you describe how you tried to enable a vt(4) kernel? From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:51:46 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8580E22C; Fri, 18 Jul 2014 14:51:46 +0000 (UTC) Received: from spindle.one-eyed-alien.net (spindle.one-eyed-alien.net [199.48.129.229]) by mx1.freebsd.org (Postfix) with ESMTP id 564B42C95; Fri, 18 Jul 2014 14:51:46 +0000 (UTC) Received: by spindle.one-eyed-alien.net (Postfix, from userid 3001) id D60F75A9F0B; Fri, 18 Jul 2014 14:51:38 +0000 (UTC) Date: Fri, 18 Jul 2014 14:51:38 +0000 From: Brooks Davis To: Baptiste Daroussin Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140718145138.GB11456@spindle.one-eyed-alien.net> References: <53C82EC4.8060304@gmail.com> <20140717205445.GC28314@ivaldir.etoilebsd.net> <20140717210738.GE28314@ivaldir.etoilebsd.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="RASg3xLB4tUQ4RcS" Content-Disposition: inline In-Reply-To: <20140717210738.GE28314@ivaldir.etoilebsd.net> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Adrian Chadd , Navdeep Parhar , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:51:46 -0000 --RASg3xLB4tUQ4RcS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2014 at 11:07:39PM +0200, Baptiste Daroussin wrote: > On Thu, Jul 17, 2014 at 01:57:52PM -0700, Adrian Chadd wrote: > > On 17 July 2014 13:54, Baptiste Daroussin wrote: > > > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > > >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar = wrote: > > >> > > >> > On 07/17/14 13:12, Adrian Chadd wrote: > > >> > > On 17 July 2014 13:03, Alberto Mijares wro= te: > > >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > > >> > wrote: > > >> > >>> Hi! > > >> > >>> > > >> > >>> 3) The binary packages need to work out of the box > > >> > >>> 4) .. which means, when you do things like pkg install apache,= it > > >> > >>> can't just be installed and not be enabled, because that's a b= it of a > > >> > >>> problem; > > >> > >> > > >> > >> > > >> > >> No. Please NEVER do that! The user must be able to edit the fil= es and > > >> > >> start the service by himself. > > >> > > > > >> > > Cool, so what's the single line command needed to type in to sta= rt a > > >> > > given package service? > > >> > > > >> > Aren't sysrc(8) and service(8) for this kind of stuff? > > >> > > > >> > > >> They sure are. > > >> > > >> Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would d= o. > > >> Although some services have different names than the packge, which i= s sort > > >> of annoying. > > > > > > Maybe service needs to be extended (seriously sysrc ${service}_enable= =3D"YES" is > > > not user friendly) we have service -l that list the services, maybe a= service > > > ${service} on that create /etc/rc.conf.d/${service} with ${service}_e= nable=3D"YES" > > > in it and service ${service} off to remove it > > > > > > maybe service -l could also be extended to show the current status (m= aybe with a > > > -v switch) > > > > > > but for sure having the service off by default is a good idea :) > >=20 > > Yeah, maybe having it populate an entry of service_enable=3D"NO" for no= w . >=20 > then you need to extend rcng to support /usr/local/etc/rc.conf.d so the p= ackages > can install them without touching base :) and we will need to wait for all > supported FreeBSD version to have the said modification) Here's a totally untested patch to do that. I was rather surprised that this wasn't configurable already. -- Brooks Index: defaults/rc.conf =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- defaults/rc.conf (revision 268825) +++ defaults/rc.conf (working copy) @@ -56,6 +56,7 @@ local_startup=3D"/usr/local/etc/rc.d" # startup script dirs. script_name_sep=3D" " # Change if your startup scripts' names contain spac= es rc_conf_files=3D"/etc/rc.conf /etc/rc.conf.local" +rc_conf_dirs=3D"/etc/rc.conf.d /usr/local/etc/rc.conf.d" =20 # ZFS support zfs_enable=3D"NO" # Set to YES to automatically mount ZFS file systems Index: rc.subr =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- rc.subr (revision 268825) +++ rc.subr (working copy) @@ -1289,10 +1289,12 @@ fi _rc_conf_loaded=3Dtrue fi - if [ -f /etc/rc.conf.d/"$_name" ]; then - debug "Sourcing /etc/rc.conf.d/${_name}" - . /etc/rc.conf.d/"$_name" - fi + for _dir in ${rc_conf_dirs}; do + if [ -f "$_dir"/"$_name" ]; then + debug "Sourcing ${_dir}/${_name}" + . "$dir"/"$_name" + fi + done =20 # Set defaults if defined. for _var in $rcvar; do --RASg3xLB4tUQ4RcS Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlPJNHoACgkQXY6L6fI4GtQtAgCgzH7lveN/16Obli4FeZgtOW4N ga4AoKw1zKsRvDeS7rvpO6aSfYajH7vZ =6S6v -----END PGP SIGNATURE----- --RASg3xLB4tUQ4RcS-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:26:44 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C14AB48D; Fri, 18 Jul 2014 13:26:44 +0000 (UTC) Received: from mail-yk0-x233.google.com (mail-yk0-x233.google.com [IPv6:2607:f8b0:4002:c07::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 60AD023CA; Fri, 18 Jul 2014 13:26:44 +0000 (UTC) Received: by mail-yk0-f179.google.com with SMTP id 142so2153746ykq.38 for ; Fri, 18 Jul 2014 06:26:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=QRekanTfVIbrq1lsUa0AOTLgjWcSRsdnB359qS2C9BI=; b=GVK1WXsqB8Uu3rPLDzsBkyDceV/stBjNBn6J3jNfuPTQRZscIeH0J4PT6h1M6Xs3HX z2EJSe1oxIKPt/asJl4RfvuViOaNtgFndOgeLLeuppib3Oj2VUGJ60vrcZC3GLvftcM6 N4tNTHXBWoq9xlxLkoO3Op6QMx1esKMg/DaeSViyfeu/Ar2lKOwHjo2Olv3lUBw38g/5 /xRmAg4LmF9O8Oi4oA+AWUdfG/lGXXDU7JhhHrjfgHeYj8Dy8a1WgBiR/dgho9DiX9i/ o1VEEq7mk4bhiESYQVh46KouwJBBV8E8GvIgp0b4NlH1L6FTnItL4CxcYIFvaLpY66+y +lqQ== MIME-Version: 1.0 X-Received: by 10.236.127.81 with SMTP id c57mr7348195yhi.118.1405690003337; Fri, 18 Jul 2014 06:26:43 -0700 (PDT) Received: by 10.170.132.80 with HTTP; Fri, 18 Jul 2014 06:26:43 -0700 (PDT) In-Reply-To: <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> Date: Fri, 18 Jul 2014 14:26:43 +0100 Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: krad To: =?UTF-8?B?R2Vycml0IEvDvGhu?= X-Mailman-Approved-At: Fri, 18 Jul 2014 15:28:27 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Gleb Smirnoff , FreeBSD Questions , freebsd-current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:26:44 -0000 this is also another important point. If you go onto google and search on how to do this and that under pf, you get a mix of freebsd, and openbsd stuff coming up. I havent analysed it but i think the majority of the stuff is openbsd related. THerefore I find some nice solution to my problem, only to find out a bit later I cant use it because its not supported under freebsd. This is anoying, but more importantly confuses new sysadmins and puts them off adopting pf and possibly a bsd at all. On 18 July 2014 14:12, Gerrit K=C3=BChn wrote: > On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff > wrote about Re: Future of pf / firewall in FreeBSD ? - does it have one ?= : > > GS> The pf mailing list is about a dozen of active people. Yes, they are > GS> vocal on the new syntax. But there also exist a large number of commo= n > GS> FreeBSD users who simply use pf w/o caring about syntax and reading p= f > GS> mailing list. If we destroy the syntax compatibility a very large > GS> population of users would be hurt, for the sake of making a dozen > GS> happy. > > I have thought about this for some time now, and I think I do not agree. = I > do remember quite well when OpenBSD changed from ipf to pf, and I had to > come up with new rules files. Yes, this is a burden for people maintainin= g > these systems, but if the thing is well documented and comes with benefit= s > (like staying in sync with other developers, allowing new features etc.) = I > doubt that many people will really be minding this. > > > cu > Gerrit > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:43:16 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E721E5C; Fri, 18 Jul 2014 13:43:16 +0000 (UTC) Received: from mail-oa0-x22a.google.com (mail-oa0-x22a.google.com [IPv6:2607:f8b0:4003:c02::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 30DA925D2; Fri, 18 Jul 2014 13:43:16 +0000 (UTC) Received: by mail-oa0-f42.google.com with SMTP id n16so3180505oag.15 for ; Fri, 18 Jul 2014 06:43:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=0+Q1MIqMtSq6ThZZ7cKoWN+RTluoj4wTAcPoaFAuVE0=; b=fmPOEvEGxAFwi0Nqut6o642DrfgLYJ34dBL8C0amjIrnpaAqVVPnMHlw4x0d5e+ufD mq84zhb3iR5jlr2a5R4jkmFlLOsGScUsfRXM28DzD1tab5QTTlNG7NR+Q+3i6MXyUQZ7 smQM5LyoILTbMC44p2rHxrMau82eKRJFVesWvd5t3P40PUSxX+ow3uKTu6Hwizjt4SoP tfCfEkCqKXSVaQzfxmejkWroBvA+VasgmS8F6vMQxmrp6XOkH4yE/5W26pselnigAW9F 6+aBFbeMbkHsTtohed0+yZycZEeV7kPmlJIpufIg4aBeG6GhfLBvlHRlkd8/vJHIermr HWRA== X-Received: by 10.182.243.132 with SMTP id wy4mr7219437obc.38.1405690995152; Fri, 18 Jul 2014 06:43:15 -0700 (PDT) MIME-Version: 1.0 Received: by 10.76.132.164 with HTTP; Fri, 18 Jul 2014 06:42:35 -0700 (PDT) In-Reply-To: References: From: Dreamcat4 Date: Fri, 18 Jul 2014 14:42:35 +0100 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? To: Craig Rodrigues X-Mailman-Approved-At: Fri, 18 Jul 2014 15:34:11 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: freebsd-doc@freebsd.org, freebsd-current Current , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:43:16 -0000 On Thu, Jul 17, 2014 at 7:25 PM, Craig Rodrigues wrote: > Hi, > > I attend a lot of different Meetup groups in the San Francisco Bay Area / > Silicon Valley. > > What I am seeing is the following usage pattern for new developers, > especially for web apps and cloud applications. > > (1) On their desktop/laptop, they will generally be using > a Mac running OS X. This is their desktop Unix environment. > This seems to be true of almost 90% of the people that I meet. > The 10% of people who run a PC laptop, will mostly be running > Windows. Very few seem to run Linux on their laptops, but > if they do, it will likely be Ubuntu Linux. > > (2) For their deployed application, generally they will deploy to > a Linux environment on a server. These days, the server will > very likely be in a cloud environment: Amazon, Rackspace, > Heroku. > > > For (1), encouraging people to move away from a Mac to FreeBSD for their > desktop environment is a tough sell. Apple is a multi-billion dollar > company, and they make beautiful hardware, and software with > a fantastic end-user experience. The PC-BSD project is fighting the > good fight in terms of making a usable FreeBSD desktop, but its > a touch battle to fight. > > For (2), encouraging people to move away from Linux to FreeBSD > on the server, may be something where we can get more wins. > I think we can do this by having more HOWTO articles on > the FreeBSD web page that explain the following: > > > (1) We need a HOWTO article that explains for each command using apt > or yum for installing packages, > how can I do the same thing using "pkg". > Even if we have a web page with a table, contrasting the > apt/yum commands, and pkg commands, that would be super > useful. > > A lot of folks have moved away from FreeBSD, purely because > they are sick of pkg_add. We need to explain to folks that > we have something better, that is quite competitive to > apt/yum, and it is easy to use. > > (2) We need a HOWTO article that explains how to set up > a FreeBSD environment with some of the major cloud providers, > i.e. Amazon, Rackspace, Microsoft Azure, etc. > > > Do we have such articles today, or is anybody working on something > like that? > I haven't such specific articles. However I did create a project which lets people more easily install and 'try out' FreeBSD. It runs ontop of either FreeNAS, pfSense or NAS4Free. The idea is that because you can boot those distress off of a USB stick, (it's like a liveCD). However you can then install the full FreeBSD generic onto any suitably-formatted attached hard disk. (including PKGNG and ports tree). None of my documentation is aimed specifically at linux -> FreeBSD. However I can say that it's utterly true (if you have Mac OS X). The desktop experience is definately nicer (much less niggly / annoying problems). And on Macs we have "brew install"=E2=80=A6 which is "allright". But you ca= n't use Macs as effectively for server stuff. It doesn't really "feel right" for that purpose. And homebrew is like ports or gentoo (compiles everything, no binary packages). For me, the FreeBSD is what I decide to for server (more than linux) *not just only* for PKGNG. We are glad that is here now. But also (very important). If FreeBSD jails. Which isn't "as-good-as", but often superior to such linux equivalent (if any). In terms of both security, and efficiency. Here you can see my FreeBSD jails HowTo: http://dreamcat4.github.io/finch/jails-how-to/ Which is as simple as I could ever be able to make it. Sorry I don't have any other ideas in regards to how to address the overwhelming popularity of Linux over FreeBSD. It often isn't justified. However in some ways linux is like windows now. For example with overwhelming hardware support (that sometimes is not as good on FreeBSD). And Linux is more success on embedded because it can run on many different kinds of CPUs. Wheras FreeBSD isn't very much support for embedded CPU (unless they happen to be X86). I get the (maybe not justified) impression that even ARM isn't so well supported on FreeBSD. Some things you can't change with just only a better "How-To". Even if FreeBSD is super-great / rocks so well now. I think if we had these two HOWTO articles today, and we could > aggressively point people at them, this would be a huge win > for expanding the number of people who try out FreeBSD > for modern server applications. > > -- > Craig > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:07:50 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52726E16; Fri, 18 Jul 2014 14:07:50 +0000 (UTC) Received: from mail-oa0-x22c.google.com (mail-oa0-x22c.google.com [IPv6:2607:f8b0:4003:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C9AD22846; Fri, 18 Jul 2014 14:07:49 +0000 (UTC) Received: by mail-oa0-f44.google.com with SMTP id eb12so3200110oac.3 for ; Fri, 18 Jul 2014 07:07:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=SBbKnwKmcLNmVoEza3CFQ2nlbzC4XyUDM1pYnCdL8l4=; b=JvJjGssTAcLR1mF2zZLPurDubK4x2o9wONv6sLIXBLHa/9qCW7x7mW51O7XfV7x9Zg BbEDli2mkCZUMKiwPPepcfCpWvlF3QrSi1LH4T7dhcsKV62SDWlowHv4yyuM5LCWgs4L tedJRgEc4tLIZUHQFCauuM4Dc9vRd06yXzulqLEi9oz7+9amcMP2d2yiCYgjVLel7Tmp sdFDILRh0PQeEkTdgM9Km8wp0rFtC/uwCEHPK6L4uUVv/kltwNqkle764AA6FStkOqep XQJRfJ4JwUwh5n7Yf4eJdL1Y0DjcwXlMMOGOBWawQwLTTUVkngUe58y07hboUSKafG+I JWig== X-Received: by 10.60.123.66 with SMTP id ly2mr7219037oeb.19.1405692469072; Fri, 18 Jul 2014 07:07:49 -0700 (PDT) MIME-Version: 1.0 Received: by 10.76.132.164 with HTTP; Fri, 18 Jul 2014 07:07:09 -0700 (PDT) In-Reply-To: <20140717205445.GC28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> <20140717205445.GC28314@ivaldir.etoilebsd.net> From: Dreamcat4 Date: Fri, 18 Jul 2014 15:07:09 +0100 Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? To: Baptiste Daroussin X-Mailman-Approved-At: Fri, 18 Jul 2014 15:36:04 +0000 Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Craig Rodrigues , Adrian Chadd , Navdeep Parhar , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:07:50 -0000 On Thu, Jul 17, 2014 at 9:54 PM, Baptiste Daroussin wrote: > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > > On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar > wrote: > > > > > On 07/17/14 13:12, Adrian Chadd wrote: > > > > On 17 July 2014 13:03, Alberto Mijares wrote: > > > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > > > wrote: > > > >>> Hi! > > > >>> > > > >>> 3) The binary packages need to work out of the box > > > >>> 4) .. which means, when you do things like pkg install apache, it > > > >>> can't just be installed and not be enabled, because that's a bit > of a > > > >>> problem; > > > >> > > > >> > > > >> No. Please NEVER do that! The user must be able to edit the files > and > > > >> start the service by himself. > > > > > > > > Cool, so what's the single line command needed to type in to start a > > > > given package service? > > > > > > Aren't sysrc(8) and service(8) for this kind of stuff? > > > > > > > They sure are. > > > > Well, pkg install $service ; sysrc ${service}_enable="YES" would do. > > Although some services have different names than the packge, which is > sort > > of annoying. > > Maybe service needs to be extended (seriously sysrc > ${service}_enable="YES" is > not user friendly) we have service -l that list the services, maybe a > service > This might be a pretty good idea. (barring technical obstacles). > ${service} on that create /etc/rc.conf.d/${service} with > ${service}_enable="YES" > in it and service ${service} off to remove it > I think we should hope for an API / service interface that can try to avoid (as much as it can) to require specifically "rc.conf" file and no other possible way. Because FreeBSD may replace the current rc.d system in future with something else better / next generation. For example the on-going openlaunchd project. That question is more about "when" rather than "if". maybe service -l could also be extended to show the current status (maybe > with a > -v switch) > > but for sure having the service off by default is a good idea :) > It wouldn't hurt very much to have some optional flag to the "pkg install" command that allowed a user to do in 1 command. Then the global configuration of services being installed "off" by default would remain as always. Yet allowing that little extra switch would achieve the stated goal. And help towards FreeBSD being "a slightly more polished OS" that is more user-friendly. Since, you know do the math. It is 1 fewer total commands to type in. Such savings "all adds up". If enough such minor improvement can be made all across the board. Then it makes a difference. > > regards, > Bapt > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:10:19 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ADDE8F18; Fri, 18 Jul 2014 14:10:19 +0000 (UTC) Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E781A28D1; Fri, 18 Jul 2014 14:10:18 +0000 (UTC) Received: by mail-wg0-f46.google.com with SMTP id m15so3463105wgh.17 for ; Fri, 18 Jul 2014 07:10:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=DOQDXAKMd+eI3CTGJ6YWfp6QrWCTar53zEo1aHhXxa4=; b=rvc5OseEDGZqoxQFvQ6kojn9jSsAl4CyfWdAvCtzaHboaFyJ105nopUeH+Mkd9sKh8 csLz6FPOY9Fo6coejNDsqIOIoEVc1iUZV+E3rgrBjnworITb7weGwjv5pw0dAm42+HkY 85a1S5NNBfOBQJ3byEKk3gBKbZDESW4GFtMm5rs3VgIP5yc4jSfFqRxO48Z0ePay6zWB BtpWRwl2VOIXEQn9y7PorlZdJRhIO/xMNZPtXa0hzYAm8/iI7TsjtmOW81F4By3LwBzE fDMOEOpeJDCNhkCBWfrr6W2G7ROD4E6PizZPCdKPE624gmQXtHiRo0prIXge9yawCUgu Hpzg== MIME-Version: 1.0 X-Received: by 10.194.76.99 with SMTP id j3mr7211235wjw.85.1405692616468; Fri, 18 Jul 2014 07:10:16 -0700 (PDT) Received: by 10.216.78.72 with HTTP; Fri, 18 Jul 2014 07:10:16 -0700 (PDT) Received: by 10.216.78.72 with HTTP; Fri, 18 Jul 2014 07:10:16 -0700 (PDT) In-Reply-To: References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> Date: Fri, 18 Jul 2014 09:10:16 -0500 Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Matt Bettinger To: krad X-Mailman-Approved-At: Fri, 18 Jul 2014 15:36:47 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: freebsd-current@freebsd.org, Gleb Smirnoff , FreeBSD Mailing List , =?UTF-8?B?R2Vycml0IEvDvGhu?= X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:10:19 -0000 Back in the day we didn't have Google to ask the oracle for cut and paste answers. If the man page is accurate that should be good enough. On Jul 18, 2014 8:26 AM, "krad" wrote: > this is also another important point. If you go onto google and search on > how to do this and that under pf, you get a mix of freebsd, and openbsd > stuff coming up. I havent analysed it but i think the majority of the stu= ff > is openbsd related. THerefore I find some nice solution to my problem, on= ly > to find out a bit later I cant use it because its not supported under > freebsd. This is anoying, but more importantly confuses new sysadmins and > puts them off adopting pf and possibly a bsd at all. > > > On 18 July 2014 14:12, Gerrit K=C3=BChn wrote: > > > On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff > > wrote about Re: Future of pf / firewall in FreeBSD ? - does it have one > ?: > > > > GS> The pf mailing list is about a dozen of active people. Yes, they ar= e > > GS> vocal on the new syntax. But there also exist a large number of > common > > GS> FreeBSD users who simply use pf w/o caring about syntax and reading > pf > > GS> mailing list. If we destroy the syntax compatibility a very large > > GS> population of users would be hurt, for the sake of making a dozen > > GS> happy. > > > > I have thought about this for some time now, and I think I do not agree= . > I > > do remember quite well when OpenBSD changed from ipf to pf, and I had t= o > > come up with new rules files. Yes, this is a burden for people > maintaining > > these systems, but if the thing is well documented and comes with > benefits > > (like staying in sync with other developers, allowing new features etc.= ) > I > > doubt that many people will really be minding this. > > > > > > cu > > Gerrit > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 14:34:05 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B800C958; Fri, 18 Jul 2014 14:34:05 +0000 (UTC) Received: from mail-yh0-x232.google.com (mail-yh0-x232.google.com [IPv6:2607:f8b0:4002:c01::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 597632AE0; Fri, 18 Jul 2014 14:34:05 +0000 (UTC) Received: by mail-yh0-f50.google.com with SMTP id v1so2316208yhn.9 for ; Fri, 18 Jul 2014 07:34:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=za4PRX9NODwUWP+0/7RLro07UWPcPwGQ22ZKDv9bz7I=; b=bOcLGCi90YaqCh6Jnv1HFgDN0VeSlMBh+WwGe9jASj72Z9D484i6aGdRFeS5t8Bwhu YlVV/xkf/D/GEJ4Li+2HaBEdcq2S0uJdMk3IXy0oLRSbgEZf9BzoBAvEIklWt1mTtZaU lhAifbfMVULRkJ+ruZz1RFfYPKpjoBH1EsVBFOgDgYnop1EDiFF1h9vhKB7HxEAGt5p5 BiZa6VUEI2JRlDXw0ik6HPU2nSSXATv1N+ZYl49kE774a00ciCGI1O7LnvFABfAi0VGp RKErK6917qgtAFHe3YZ6frsxC0o4jFFko8vGjPICVwFQ+8xT2aynM7cflpxrsd/w4pOg Ap+A== MIME-Version: 1.0 X-Received: by 10.236.74.101 with SMTP id w65mr7893774yhd.103.1405694044570; Fri, 18 Jul 2014 07:34:04 -0700 (PDT) Received: by 10.170.132.80 with HTTP; Fri, 18 Jul 2014 07:34:04 -0700 (PDT) In-Reply-To: References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> Date: Fri, 18 Jul 2014 15:34:04 +0100 Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: krad To: Matt Bettinger X-Mailman-Approved-At: Fri, 18 Jul 2014 15:37:07 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: freebsd-current@freebsd.org, Gleb Smirnoff , FreeBSD Mailing List , =?UTF-8?B?R2Vycml0IEvDvGhu?= X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 14:34:05 -0000 that is true and I have not problem using man pages, however thats not the way most of the world work and search engines arent exactly new either. We should be trying to engage more people not less, and part of that is reaching out. On 18 July 2014 15:10, Matt Bettinger wrote: > Back in the day we didn't have Google to ask the oracle for cut and paste > answers. If the man page is accurate that should be good enough. > On Jul 18, 2014 8:26 AM, "krad" wrote: > >> this is also another important point. If you go onto google and search o= n >> how to do this and that under pf, you get a mix of freebsd, and openbsd >> stuff coming up. I havent analysed it but i think the majority of the >> stuff >> is openbsd related. THerefore I find some nice solution to my problem, >> only >> to find out a bit later I cant use it because its not supported under >> freebsd. This is anoying, but more importantly confuses new sysadmins an= d >> puts them off adopting pf and possibly a bsd at all. >> >> >> On 18 July 2014 14:12, Gerrit K=C3=BChn wrote: >> >> > On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff >> > wrote about Re: Future of pf / firewall in FreeBSD ? - does it have on= e >> ?: >> > >> > GS> The pf mailing list is about a dozen of active people. Yes, they a= re >> > GS> vocal on the new syntax. But there also exist a large number of >> common >> > GS> FreeBSD users who simply use pf w/o caring about syntax and readin= g >> pf >> > GS> mailing list. If we destroy the syntax compatibility a very large >> > GS> population of users would be hurt, for the sake of making a dozen >> > GS> happy. >> > >> > I have thought about this for some time now, and I think I do not >> agree. I >> > do remember quite well when OpenBSD changed from ipf to pf, and I had = to >> > come up with new rules files. Yes, this is a burden for people >> maintaining >> > these systems, but if the thing is well documented and comes with >> benefits >> > (like staying in sync with other developers, allowing new features >> etc.) I >> > doubt that many people will really be minding this. >> > >> > >> > cu >> > Gerrit >> > _______________________________________________ >> > freebsd-questions@freebsd.org mailing list >> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> > To unsubscribe, send any mail to " >> > freebsd-questions-unsubscribe@freebsd.org" >> > >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscribe@freebsd.org" > > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 16:36:38 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D8C87B33; Fri, 18 Jul 2014 16:36:38 +0000 (UTC) Received: from mail-lb0-x22f.google.com (mail-lb0-x22f.google.com [IPv6:2a00:1450:4010:c04::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 327062659; Fri, 18 Jul 2014 16:36:38 +0000 (UTC) Received: by mail-lb0-f175.google.com with SMTP id n15so2991122lbi.20 for ; Fri, 18 Jul 2014 09:36:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=VLtmEAVuUqNlWXBi0524bGwYJrP1n0OKJd7FIr/IFVo=; b=u7/9YLGhxsisfEu+LdLrgweQKa01adcU7da/+JeSbt1SfuCV2N/oVRsee7BN/JU9Xo 0YpESAfxsN+Pu+ZhPrnvoCwoVWBTrnbDtz1iozdKeVKqvD/T+GoTBw/gcx3BwearboRA HWCiQNQW75DTUdRG5axhTp0gOWqlHjTxfNofMRyVTvrSFjOvVVwcZKHdHPZgqQAhw4n4 1iONzTuPY7Ou5tcLloSa2mt8+CAH2ai1FZMc3/XNCcXAlcdJ7vaex9NAG/nqzvudSwOp UVeS2WDA5yeRoFfEjh3dcSwvStS9K8fJPWo/zeN8DGdk3QmYgO/RbLqQbRxXKd9REnC6 9rPA== MIME-Version: 1.0 X-Received: by 10.152.206.105 with SMTP id ln9mr6610961lac.45.1405701395736; Fri, 18 Jul 2014 09:36:35 -0700 (PDT) Received: by 10.112.136.65 with HTTP; Fri, 18 Jul 2014 09:36:35 -0700 (PDT) Received: by 10.112.136.65 with HTTP; Fri, 18 Jul 2014 09:36:35 -0700 (PDT) In-Reply-To: References: Date: Fri, 18 Jul 2014 18:36:35 +0200 Message-ID: Subject: Re: VT and kms is broken on a Lenovo Thinkpad E530 From: Daniel Peyrolon To: Ed Maste , freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 16:36:38 -0000 I basically installed from a FreeBSD VT enabled ISO. You presume correctly. On Jul 18, 2014 3:42 PM, "Ed Maste" wrote: > On 18 July 2014 10:32, Daniel Peyrolon wrote: > > The problems arise when I try to use the console, the screen just shows a > > static image of the last xorg frame, with some weird colors. > > I presume you mean you try to access the console by pressing > Ctrl-Alt-F1 (for example), and then see the static odd-coloured image. > This behaviour is consistent with syscons(4), which cannot properly > switch back to a vty. > > Can you describe how you tried to enable a vt(4) kernel? > From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 16:58:59 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E7E51F6C for ; Fri, 18 Jul 2014 16:58:59 +0000 (UTC) Received: from mail-qg0-x22a.google.com (mail-qg0-x22a.google.com [IPv6:2607:f8b0:400d:c04::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A8447281A for ; Fri, 18 Jul 2014 16:58:59 +0000 (UTC) Received: by mail-qg0-f42.google.com with SMTP id j5so3444013qga.15 for ; Fri, 18 Jul 2014 09:58:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=xCcdjSv6EDIMODEjFJhmAQBAPznObUXp6l1qNN5TXYg=; b=WpLa9NH2cbgnpvidgkv4ByOuxuIIT8bz++yp3bWr+OmBuqoRFH6oAeBjFTNst+FMuq EwTQmsUBwaoY7U22ybONWuhUJoMkzdOH0S9mV1NI1sEXu5WF/RpGV1DK5SRvO/vd3Utg YvqeP6LEeJb6ymiQWRYYawZt65yUGYVS01DRCdROS8HWnHfV7BZ8F9mNClMdxnGMLV0X pAjJ2TgCz6X+8Uw0aCDCLmVUIl1LVYVz4wHdHg2zzQfYFRjrHSX66sGrGuUhYy5bxhHO D0S9tgDP8Rom3wzrHqP0UFteSg6BvgFIFYudVjG8bum6DfJHmNzvdscsrD5LahzAAowU jUrw== MIME-Version: 1.0 X-Received: by 10.140.50.50 with SMTP id r47mr9723205qga.96.1405702738775; Fri, 18 Jul 2014 09:58:58 -0700 (PDT) Sender: carpeddiem@gmail.com Received: by 10.140.82.176 with HTTP; Fri, 18 Jul 2014 09:58:58 -0700 (PDT) In-Reply-To: References: Date: Fri, 18 Jul 2014 12:58:58 -0400 X-Google-Sender-Auth: 2P_PhzDwMj5JT_dAcfI2qYF26hQ Message-ID: Subject: Re: VT and kms is broken on a Lenovo Thinkpad E530 From: Ed Maste To: Daniel Peyrolon Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Current X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 16:59:00 -0000 On 18 July 2014 12:36, Daniel Peyrolon wrote: > I basically installed from a FreeBSD VT enabled ISO. Ok, it seems those are not available any longer. To confirm that you're actually using vt, check "sysctl kern.vty". It will report either sc, vt, or an error. If you get an error the kernel predates the addition of that entry, so check "sysctl hw.syscons" and "sysctl kern.vt". From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 19:07:22 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A2BF7F0B; Fri, 18 Jul 2014 19:07:22 +0000 (UTC) Received: from mail-qc0-x234.google.com (mail-qc0-x234.google.com [IPv6:2607:f8b0:400d:c01::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3ECA8245F; Fri, 18 Jul 2014 19:07:22 +0000 (UTC) Received: by mail-qc0-f180.google.com with SMTP id l6so3608216qcy.25 for ; Fri, 18 Jul 2014 12:07:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Nfet/vFxfs6JQcVc/LTXSa7ey39A5HdV9iH0j3ECNNE=; b=zbY/uqFiiKWoxBPcc0PQ+75eW2LJ1q++9MAQeR8xEfFaUj8IbEJBJ/aayHnMqDtOib xk8wHlp4g9ssqeSMNRCPo8BU0sVfBTgcAIeICvOnK2puLb70H6QR7mawWc2PHkH8NCuZ 5Se9bpJUQLGLwdkAaipQiddQuiJ1qZP5RWlwaWNOumjL2DFDNu1fJH0vUHEWqSE8ugwO EbZVmkgruIgNTYpB/O27EVk8fify2VtqTrez9+w+6RTC/bhxpDyB1locei7tm3tSii6B pgZESysEsA6nsNs3tlfUwdsIJTt7O88rOS1Yao1IqfH3IpzNddnMDC24ycsavMApa5gL AOQg== MIME-Version: 1.0 X-Received: by 10.224.171.197 with SMTP id i5mr11818323qaz.55.1405710439246; Fri, 18 Jul 2014 12:07:19 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.1.6 with HTTP; Fri, 18 Jul 2014 12:07:19 -0700 (PDT) In-Reply-To: References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> Date: Fri, 18 Jul 2014 12:07:19 -0700 X-Google-Sender-Auth: dMA6uLl0NE2eiYRNDNBrDjhjdTQ Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Adrian Chadd To: krad Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Mailing List , =?UTF-8?B?R2Vycml0IEvDvGhu?= , freebsd-current , Gleb Smirnoff , Matt Bettinger X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 19:07:22 -0000 On 18 July 2014 07:34, krad wrote: > that is true and I have not problem using man pages, however thats not the > way most of the world work and search engines arent exactly new either. We > should be trying to engage more people not less, and part of that is > reaching out. Then do the port and maintain it. The problem isn't the desire to keep things up to date, it's a lack of people who want that _and_ are willing/able to do it _and_ are funded somehow. So, please step up! We'll all love you for it. -a From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 19:10:36 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 134B8242; Fri, 18 Jul 2014 19:10:36 +0000 (UTC) Received: from mail-qc0-x22d.google.com (mail-qc0-x22d.google.com [IPv6:2607:f8b0:400d:c01::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8000A2517; Fri, 18 Jul 2014 19:10:35 +0000 (UTC) Received: by mail-qc0-f173.google.com with SMTP id c9so3727251qcz.32 for ; Fri, 18 Jul 2014 12:10:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=f/8X3eL0dE3g742+QMVPzn/RTbXMNbwOa7SL+aa2NcM=; b=psyYu65Lhw/0ju7vdNdZ3mzAPyXeWCDL5EmvHJ0K9xCbrdMuiVa09yt6e/BK/ZOmnw PN8tjks8VVQ5WWN8YM2JeyQUodJzoewaQaLGfX3VssCJTF8hSxg2KZs4nbA26fgfuRWk s/vvt0H7vU2Wzot0Tr5/MnwKB9JEmhgVZZdoQ9k1SFyVZ4Xdf0xvE9l6fj8H6zeLhEx0 ZPrs3pOmyJogskAbi1FfhgJKm1p2svP6L760KKuGr7WCrn577bs50FOompmpeFt6rYe+ MXmTQ8DZODAvesXt59DMv+7FriwAXZn/cla0NCG8000WT7sD6ZsEEeELh/iop41+MJYU YvHQ== MIME-Version: 1.0 X-Received: by 10.224.223.135 with SMTP id ik7mr12052213qab.26.1405710634478; Fri, 18 Jul 2014 12:10:34 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.1.6 with HTTP; Fri, 18 Jul 2014 12:10:34 -0700 (PDT) In-Reply-To: <20140718142835.GF96250@e-new.0x20.net> References: <53C82EC4.8060304@gmail.com> <20140718142835.GF96250@e-new.0x20.net> Date: Fri, 18 Jul 2014 12:10:34 -0700 X-Google-Sender-Auth: 8zAzm-YkCEOzOEoQ3xHlyMRFNTs Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Lars Engels , Andreas Nilsson , Navdeep Parhar , Craig Rodrigues , Adrian Chadd , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 19:10:36 -0000 Hi! On 18 July 2014 07:28, Lars Engels wrote: > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrote: >> >> > On 07/17/14 13:12, Adrian Chadd wrote: >> > > On 17 July 2014 13:03, Alberto Mijares wrote: >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd >> > wrote: >> > >>> Hi! >> > >>> >> > >>> 3) The binary packages need to work out of the box >> > >>> 4) .. which means, when you do things like pkg install apache, it >> > >>> can't just be installed and not be enabled, because that's a bit of a >> > >>> problem; >> > >> >> > >> >> > >> No. Please NEVER do that! The user must be able to edit the files and >> > >> start the service by himself. >> > > >> > > Cool, so what's the single line command needed to type in to start a >> > > given package service? >> > >> > Aren't sysrc(8) and service(8) for this kind of stuff? >> > >> >> They sure are. >> >> Well, pkg install $service ; sysrc ${service}_enable="YES" would do. >> Although some services have different names than the packge, which is sort >> of annoying. > > I hacked up a solution for service(8): > > http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch > > The patch adds the following directives to service(8): > > enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=YES" > disable: The opposite of enable > rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using > "sysrc -x foo_enable" > > The nice thing about is that you can use one of the new directives on > one line with the old ones, as long as the new are the first argument: > > # service syslogd enable > # service apache24 disable stop > # service apache24 rcdelete stop > # service nginx enable start > > > So after installing a package, to start and enable a daemon permanently > all you have to run is > # service foo enable start > > Lars > > P.S.: Thansk to Devin for his hard work on sysrc! Having a way for sysrc and service to know what particular options and services are exposed by a given package or installed "thing" would be nice. Right now the namespace is very flat and it's not obvious in all instances what needs to happen to make it useful and what the options are. "Oh, hm, I'd like to know what options there are for controlling the installed apache24 package, let's see"... I remember IRIX having that command to list services, stop them and start them, configure them enabled and disabled. Solaris grew something like that with Solaris 10 and after the initial learning curve it was great. Hving something like that would be 100% awesome. -a From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 19:21:50 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4E7E167D for ; Fri, 18 Jul 2014 19:21:50 +0000 (UTC) Received: from mx1.scaleengine.net (beauharnois2.bhs1.scaleengine.net [142.4.218.15]) by mx1.freebsd.org (Postfix) with ESMTP id 233FC2602 for ; Fri, 18 Jul 2014 19:21:49 +0000 (UTC) Received: from [192.168.1.2] (senat1-01.HML3.ScaleEngine.net [209.51.186.5]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id 282E212333 for ; Fri, 18 Jul 2014 19:21:49 +0000 (UTC) Message-ID: <53C973EA.5090104@freebsd.org> Date: Fri, 18 Jul 2014 15:22:18 -0400 From: Allan Jude User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="2dO8nqS8eWLbimK0to1DCXPPgcpdDopbu" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 19:21:50 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --2dO8nqS8eWLbimK0to1DCXPPgcpdDopbu Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 2014-07-18 15:07, Adrian Chadd wrote: > On 18 July 2014 07:34, krad wrote: >> that is true and I have not problem using man pages, however thats not= the >> way most of the world work and search engines arent exactly new either= =2E We >> should be trying to engage more people not less, and part of that is >> reaching out. >=20 > Then do the port and maintain it. >=20 > The problem isn't the desire to keep things up to date, it's a lack of > people who want that _and_ are willing/able to do it _and_ are funded > somehow. >=20 > So, please step up! We'll all love you for it. >=20 >=20 >=20 > -a > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.o= rg" >=20 At vBSDCon Bapt@ volunteered to port the newer pf back to FreeBSD, after spending some hours driving with Henning. I say at EuroBSDCon this year, we get him drunk again, and get him saying he'll do it on video this time, then we'll be all set. --=20 Allan Jude --2dO8nqS8eWLbimK0to1DCXPPgcpdDopbu Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTyXPrAAoJEJrBFpNRJZKf6jwQAIYyyOowPp+iWzaufQ42JL5y 69zG/VFi7fC/p/3A1WDWuxgoX8rXqBnFSZAlLsLxAuUAkKxkbdqLLhF79w84aHtm f3NW/JoF1kcZcIcejGowqcG3JditjxC+Jw6q2y9FGrqiHJnJsdKY6zRHTxh4zBvD eSTYJwygZXCQOvuDuyizfz7y658veJ+mRhi+nNQprQnxZH4CPC5oKRq5BVfqJF3u rIhtjkbN6eIzyT7rfVZiqE72+TreF5jewM+xjZAlz+4lb/j9fHVabNOkv+QAKhgm cRSOd619NF0/OwpgVQ54/R0RbnA6tutFtwZUGyvUEkJGXulGrNzgER2rUTaT4D/W oiEHA4p3jYinlgkjqdvfin84CR7muWeryxLkLj0xDqKOU+y065r8siQz7qBFNAod 4Pg8F5rVkDYRoXQUVaVuP+DG5aT7DR/wTKVh9QKB6FFcQIWSaomyGKTgUBuEDXBN 23fHKFvVjIazD/hq69mNjAsimvDwsWxEnl9psnYcyQB1taEiZ9veoGp+DaxsPuTr HnT4Og63t5eKeLbG0CO+0OPZLKgqAj/50EO0UHkDeV7/GGjdjOgEINF3UiQBqbyT p2hfo4RcvRf5e1EYRjnT5BcOuJwWLfLtxUVzvNug6DspcgHIBxd9XvvMxWkKfl4a FJtcJasREIqFPy9fZjFl =RZn/ -----END PGP SIGNATURE----- --2dO8nqS8eWLbimK0to1DCXPPgcpdDopbu-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 20:19:00 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EDE0758B; Fri, 18 Jul 2014 20:19:00 +0000 (UTC) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id D93C92AB0; Fri, 18 Jul 2014 20:19:00 +0000 (UTC) Received: from AlfredMacbookAir.local (c-76-21-10-192.hsd1.ca.comcast.net [76.21.10.192]) by elvis.mu.org (Postfix) with ESMTPSA id 1DBCA346DE29; Fri, 18 Jul 2014 13:18:54 -0700 (PDT) Message-ID: <53C9812D.90703@mu.org> Date: Fri, 18 Jul 2014 13:18:53 -0700 From: Alfred Perlstein User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Allan Jude , freebsd-current@freebsd.org Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? References: <53C920EA.7050604@freebsd.org> In-Reply-To: <53C920EA.7050604@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 20:19:01 -0000 On 7/18/14, 6:28 AM, Allan Jude wrote: > On 2014-07-17 16:12, Adrian Chadd wrote: >> On 17 July 2014 13:03, Alberto Mijares wrote: >>> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd wrote: >>>> Hi! >>>> >>>> 3) The binary packages need to work out of the box >>>> 4) .. which means, when you do things like pkg install apache, it >>>> can't just be installed and not be enabled, because that's a bit of a >>>> problem; >>> >>> No. Please NEVER do that! The user must be able to edit the files and >>> start the service by himself. >> Cool, so what's the single line command needed to type in to start a >> given package service? >> >> >> >> -a >> _______________________________________________ >> freebsd-current@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" >> > We could make 'service apache22 enable' > > which can run: sysrc -f /etc/rc.conf apache22_enable="YES" > > and 'service apache22 disable' > > that can use sysrc -x > > And then ports can individually extend the functionality if they require. > I like this a lot. That said, if other distros are setting up apache in 2 steps and we require 3 then we require 50% MORE STEPs! Or they require 33% LESS steps than us. Just to put it into perspective. Should FreeBSD be 50% more difficult or time consuming to configure? -Alfred From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 21:21:55 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 295A0649; Fri, 18 Jul 2014 21:21:55 +0000 (UTC) Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 186D520A9; Fri, 18 Jul 2014 21:21:53 +0000 (UTC) Received: by mail-wi0-f174.google.com with SMTP id d1so1477833wiv.13 for ; Fri, 18 Jul 2014 14:21:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=N/VkkIaEpJpK/p0gk61pHvdNpop46N0RrQj9a+X5P84=; b=qdhUTJ1PtiQgFzI1ivrKJE8v4gOvCl8REAiFzODddcJFu2DQhJVqmhru0NhxiXcJXt HFUBHs4XoduKPhGpv3ICNeQ+bNtj+IgZ0Y4KW0Y/uR2gqcWQUrPAiuU8Z2kMOdbl4G0C a3lge54a0R8rxz9MEGO6haOrwNX8q+IyddD+SgWMRoGhYcRYoT0BN0Lr9BSa7OeosKKr W+/+LGFUXEju2VapEftGVbtM1kr/hz5ac7bY1gHpWSfHCb+kTBUIM7Xu4PqLTKs/jwZK mEGrQQj5dU0WmQ7ruD4onMDTnPUc0yQ+LuA7Ol4pzhZGmxUnUCRO/M3qy0tHjFh3YoY0 B55A== X-Received: by 10.180.20.206 with SMTP id p14mr11733872wie.26.1405718512442; Fri, 18 Jul 2014 14:21:52 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id fs17sm16982466wjc.6.2014.07.18.14.21.50 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Jul 2014 14:21:51 -0700 (PDT) Sender: Baptiste Daroussin Date: Fri, 18 Jul 2014 23:21:49 +0200 From: Baptiste Daroussin To: Adrian Chadd Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140718212148.GQ28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> <20140718142835.GF96250@e-new.0x20.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="xYeFQzU4VZLrHqxU" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , Lars Engels , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , Navdeep Parhar , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 21:21:55 -0000 --xYeFQzU4VZLrHqxU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 18, 2014 at 12:10:34PM -0700, Adrian Chadd wrote: > Hi! >=20 >=20 > On 18 July 2014 07:28, Lars Engels wrote: > > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar w= rote: > >> > >> > On 07/17/14 13:12, Adrian Chadd wrote: > >> > > On 17 July 2014 13:03, Alberto Mijares wrote: > >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > >> > wrote: > >> > >>> Hi! > >> > >>> > >> > >>> 3) The binary packages need to work out of the box > >> > >>> 4) .. which means, when you do things like pkg install apache, it > >> > >>> can't just be installed and not be enabled, because that's a bit= of a > >> > >>> problem; > >> > >> > >> > >> > >> > >> No. Please NEVER do that! The user must be able to edit the files= and > >> > >> start the service by himself. > >> > > > >> > > Cool, so what's the single line command needed to type in to start= a > >> > > given package service? > >> > > >> > Aren't sysrc(8) and service(8) for this kind of stuff? > >> > > >> > >> They sure are. > >> > >> Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would do. > >> Although some services have different names than the packge, which is = sort > >> of annoying. > > > > I hacked up a solution for service(8): > > > > http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch > > > > The patch adds the following directives to service(8): > > > > enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=3DY= ES" > > disable: The opposite of enable > > rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using > > "sysrc -x foo_enable" > > > > The nice thing about is that you can use one of the new directives on > > one line with the old ones, as long as the new are the first argument: > > > > # service syslogd enable > > # service apache24 disable stop > > # service apache24 rcdelete stop > > # service nginx enable start > > > > > > So after installing a package, to start and enable a daemon permanently > > all you have to run is > > # service foo enable start > > > > Lars > > > > P.S.: Thansk to Devin for his hard work on sysrc! >=20 > Having a way for sysrc and service to know what particular options and > services are exposed by a given package or installed "thing" would be > nice. Right now the namespace is very flat and it's not obvious in all > instances what needs to happen to make it useful and what the options > are. >=20 > "Oh, hm, I'd like to know what options there are for controlling the > installed apache24 package, let's see"... >=20 > I remember IRIX having that command to list services, stop them and > start them, configure them enabled and disabled. Solaris grew > something like that with Solaris 10 and after the initial learning > curve it was great. Hving something like that would be 100% awesome. >=20 you are asking for rcng2 with a declarative init config rather the a script regards, Bapt --xYeFQzU4VZLrHqxU Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPJj+wACgkQ8kTtMUmk6Ex4tACgwKYEzgQEnkf4EF+nQJCC/1aO 3rYAmgOybC0HkT5geVYIRrn0qst0HliY =Y8tG -----END PGP SIGNATURE----- --xYeFQzU4VZLrHqxU-- From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 22:22:08 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C167D9F4 for ; Fri, 18 Jul 2014 22:22:08 +0000 (UTC) Received: from nm19-vm0.bullet.mail.bf1.yahoo.com (nm19-vm0.bullet.mail.bf1.yahoo.com [98.139.213.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 67AE32606 for ; Fri, 18 Jul 2014 22:22:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1405721929; bh=veLh5x8qanhUm8FFwQ/oDkY/eHwPm0RueGEv5kjHyrE=; h=Received:Received:Received:X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding; b=BpdiNcxwMljyaTqrqKfzOhs+k/xJ5RWNRrKh7BC3n997UewdCRbEQeS1V83uoy6KfU69Qa/p2iG7dn+AxGulWRMWttthQfkgs0rG8KXyJbjtw2t1tzBO3o5kQwvxfcj6MBnoos73jnUZgl+2BdhwojoHR4LZsA1l/NneS3I1zE1S0F/67nzXPgE+N6jb0P97m9p13GTKUAmki5w+8aTXG444SG4UmNOTU/GsL5ZWCaJXbG/AhUrQRYnLDdNCMZ9N/F3A7NJx0sLtOmCXX8bcEk2G6oB8fRKL7AU+bBHEqEZA5YqWhTbvEz02ti4gVdpU9ob6/8/Yi409qBN0EYlE1Q== DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s2048; d=yahoo.com; b=Mnt/71/2c2BciPER0uvsgnpqv5aEvljIpIpNTMLQwFZ6+7D+BNVeG3UIcdD0brg8417bD59nnVshB3rZqeQeHHz0v2ia8DxDBrwt4OMmyhjTmlHbDEechbRztr96ZlWW1ondWDMqMMQbDMiOGZAVep0lm7lbVecwlpLvBvi+F34aZr4NPBNkQ3JV9EZVmhBK5NbYgDv+1ssnKTj0nd//zmbSn2sKDdSvQzIPnRpmFTJVdWyIp+e/2XIv9kv/mCMSKZ4JWN9WIgsO9eMgMHcmblbJ1Yz7BhsZzi3FmZ3gqmoeMV86LBw45fUvYKbCw2CFbwvb3mjK1xNIojTLoPR8jw==; Received: from [66.196.81.170] by nm19.bullet.mail.bf1.yahoo.com with NNFMP; 18 Jul 2014 22:18:49 -0000 Received: from [68.142.230.75] by tm16.bullet.mail.bf1.yahoo.com with NNFMP; 18 Jul 2014 22:18:49 -0000 Received: from [127.0.0.1] by smtp232.mail.bf1.yahoo.com with NNFMP; 18 Jul 2014 22:18:49 -0000 X-Yahoo-Newman-Id: 729364.2279.bm@smtp232.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: PXuc.qcVM1nwapM7rmbb_SMvGgAUSt5HyOc_RPepj7W1KCw 4gSr77Fwa78ITs9i46QHWvPYAFbWPkjyyGTCwcHyjBQPFoEo48km1w9LzrZ1 guIYE04nDgM1wQW4DrhRRA7ZvhZfjH_UvUHF_IvZK.HoHTLHENyxa5aAGV3L XEu8VAF_IW0RvTCKFn5wNjtTsvMlLXtsNLrWqTYh5f.wfEVB_s8RyxyUgkhg Kcn9YlU1uedET1EanL7uimf3ZSY2_FpZRYxsZe6XWgc_tULbjphgx_tOBbuE TC4aRsiYGAycMCcwc0gpOrkGag5gCZRRyap3t5NQquPjIS4nOcnNUHUDgKBz LKWtxYfRaF8NJKJNme5_wQjBALQpe3wILJeNT07owKO0zlsbyii6ZsEbTFyz GyVHq8q4v0MmSH6QfHji996XE_TfLZE0fELlzlI2Imm91HYx3lYX6Crt94aA wbPq04yGFYLzh3fG8Wuqb50pOcEsgCbVMhFtSDW4Ud7JTIkKNTSSDfZ7AUUu VkA7vj7QU3pdVF3z4P2tjB7VuOh3NSbET_zwKEUYqhM3o2gSj4DX8J7wTK8J zC7KHggMQPBBBvbCpSilEOTGmyZW_xwtyQSLT.aV52xq7hKs- X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf Message-ID: <53C99D4F.8070603@freebsd.org> Date: Fri, 18 Jul 2014 17:18:55 -0500 From: Pedro Giffuni User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-current@FreeBSD.org Subject: CFR - fflush() behaviour change Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 22:22:08 -0000 Hi; Out of curiosity I took a peek at Apple's libc and generated some diffs against the libc in FreeBSD's 8. Most of the changes are not relevant to FreeBSD anymore as we have grown alternative implementations for things like xlocale. Nevertheless, there are still some small things to look at. In the hope of avoiding surprises, and because I wanted to try out phabricator, I have this change for review: https://phabric.freebsd.org/D440 While the change was inspired on Apple's patch, it was cleaned up with help from Bruce Evans. I did some basic testing but it can still use some more review/testing. Pedro. From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 22:57:09 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9CC275E6; Fri, 18 Jul 2014 22:57:09 +0000 (UTC) Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EB7B828C9; Fri, 18 Jul 2014 22:57:08 +0000 (UTC) Received: by mail-lb0-f180.google.com with SMTP id v6so3024597lbi.39 for ; Fri, 18 Jul 2014 15:57:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=VSBfaE6JV3O48mej/OJ3wCq+GyDDhIpGsHzj7frZOfM=; b=mHTkwATbTF8dtEkxIWHHxme1Unq6WtrPRrD4Swzfzj3DP6dO4nbN3y/xZ46j/i6T2u EcMK2VtmRhmM7n4djNKgUIUIRWIAzR2QxJ5EzHiBr6vYrkYJLG0M5xmnsyMwaO0vgGUK BMex2lD4ieWmO2UwUNVZSXIAadTb214KQvoMeZehdc6nQwL3G1zRd0CGwRDXFVpQV6uN j0czTyA91Xrtljq/WeCCNpPEsTjmBnF/b2sLF25W0ZJk9H3J8P5yhAulha3+lYMwLdtu Ffc2lw42hlxme9il4MRldR2F2m4NmycSeVTAH7ty82OeQFXALiKysjbCLKrL2wBTusgg iLnw== MIME-Version: 1.0 X-Received: by 10.112.159.200 with SMTP id xe8mr8283706lbb.55.1405724226679; Fri, 18 Jul 2014 15:57:06 -0700 (PDT) Received: by 10.112.188.43 with HTTP; Fri, 18 Jul 2014 15:57:06 -0700 (PDT) In-Reply-To: References: Date: Sat, 19 Jul 2014 00:57:06 +0200 Message-ID: Subject: Re: VT and kms is broken on a Lenovo Thinkpad E530 From: Daniel Peyrolon To: Ed Maste , freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 22:57:09 -0000 Allright, it seems that the kernel switched back to sysconsole. (kern.vty: sc) The wiki says that I should add this to the loader: To enable Newcons on i386 or amd64, set the loader tunable kern.vty=vt. I guess that I should do: # echo kern.vty=\"vt\" >> /boot/loader.conf 2014-07-18 18:58 GMT+02:00 Ed Maste : > On 18 July 2014 12:36, Daniel Peyrolon wrote: > > I basically installed from a FreeBSD VT enabled ISO. > > Ok, it seems those are not available any longer. > > To confirm that you're actually using vt, check "sysctl kern.vty". It > will report either sc, vt, or an error. If you get an error the > kernel predates the addition of that entry, so check "sysctl > hw.syscons" and "sysctl kern.vt". > -- Daniel From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 23:48:33 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 038851F8; Fri, 18 Jul 2014 23:48:33 +0000 (UTC) Received: from mail-la0-x22a.google.com (mail-la0-x22a.google.com [IPv6:2a00:1450:4010:c03::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5369D2D04; Fri, 18 Jul 2014 23:48:32 +0000 (UTC) Received: by mail-la0-f42.google.com with SMTP id pv20so2875437lab.1 for ; Fri, 18 Jul 2014 16:48:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=EikX5u61MGzvLIQIjSJP4XML0QmsGZRIBmlreQZ+37I=; b=scyU2e5bbu8BzB5ISwP7zWjmEyBc8UKFq+ANH4BvBK9MDQdwSLC4t56z3FR0gJZ1/C 2g73+S/cInOiRFuSw4xb5CqFTqH169vglmoWF7tBZXSNTBdIH2g2nhHLBlm19tqq9O0f espnVWFXmsa01RBBl+6jtFAUbII4sNOGLdQEfYU3JLexcTJ0UA/VueJCX46LGtRbJo1H kMdOm+Wp33VIKSxRoHnkqNv4GTtziTzMBc2KIIkzOSaRmd1Yz66VxbOX8YhKMrpldHiX 0Imwn+DQyHsOT9a/pfK35qqSnAVr1eMzXD1ZeL82NHWDP1cDvopzM3pnqtK8haC5MyE4 vsMQ== MIME-Version: 1.0 X-Received: by 10.152.198.195 with SMTP id je3mr8967150lac.59.1405727309795; Fri, 18 Jul 2014 16:48:29 -0700 (PDT) Received: by 10.112.188.43 with HTTP; Fri, 18 Jul 2014 16:48:29 -0700 (PDT) In-Reply-To: References: Date: Sat, 19 Jul 2014 01:48:29 +0200 Message-ID: Subject: Re: VT and kms is broken on a Lenovo Thinkpad E530 From: Daniel Peyrolon To: Ed Maste , freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 23:48:33 -0000 > I guess that I should do: > # echo kern.vty=\"vt\" >> /boot/loader.conf That did the trick. Thanks Ed! 2014-07-19 0:57 GMT+02:00 Daniel Peyrolon : > Allright, it seems that the kernel switched back to sysconsole. (kern.vty: > sc) > > The wiki says that I should add this to the loader: > To enable Newcons on i386 or amd64, set the loader tunable kern.vty=vt. > > I guess that I should do: > # echo kern.vty=\"vt\" >> /boot/loader.conf > > > > 2014-07-18 18:58 GMT+02:00 Ed Maste : > > On 18 July 2014 12:36, Daniel Peyrolon wrote: >> > I basically installed from a FreeBSD VT enabled ISO. >> >> Ok, it seems those are not available any longer. >> >> To confirm that you're actually using vt, check "sysctl kern.vty". It >> will report either sc, vt, or an error. If you get an error the >> kernel predates the addition of that entry, so check "sysctl >> hw.syscons" and "sysctl kern.vt". >> > > > > -- > Daniel > -- Daniel From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 00:31:28 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 72A89A5A; Sat, 19 Jul 2014 00:31:28 +0000 (UTC) Received: from mail-qa0-x233.google.com (mail-qa0-x233.google.com [IPv6:2607:f8b0:400d:c00::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DE5F120D6; Sat, 19 Jul 2014 00:31:27 +0000 (UTC) Received: by mail-qa0-f51.google.com with SMTP id k15so3563503qaq.10 for ; Fri, 18 Jul 2014 17:31:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=BBCKzrCPhal2XonLLPLlxcw0JjxUA869/laU5El57DI=; b=oRp/Y1fD1OnT+QtA760jXkfDHGqcDI5kTXoY2PG56UuwwSTngS2MaCYr4GktnfXfkq jb1wonGqZC13IgqTlqZPwg90RCw2wNsi7iDE6XZGzSUlGMH386w53HR05vcWZm69c/iL Ytmgb+MBG4/qM1TpIfhCx3dhLo0jq5c8a0e004O14PRKy/5nFbYj8EGbiAUjnlUJfVIF E3wjBfFxs5wkU2w0JfNIFRXF0FXW3B2zCzHmv7uBD6uqiZjJFmb+TZB6/NFrz77vFGfp nbanzzae8j3FZWKKsUcMcfBPJAGl9gz8uiLnapRWOmPxX9bkGGX6NRsKEbxz7w5ZveIz PkQg== MIME-Version: 1.0 X-Received: by 10.229.226.135 with SMTP id iw7mr13976530qcb.13.1405729887034; Fri, 18 Jul 2014 17:31:27 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.1.6 with HTTP; Fri, 18 Jul 2014 17:31:26 -0700 (PDT) In-Reply-To: <20140718212148.GQ28314@ivaldir.etoilebsd.net> References: <53C82EC4.8060304@gmail.com> <20140718142835.GF96250@e-new.0x20.net> <20140718212148.GQ28314@ivaldir.etoilebsd.net> Date: Fri, 18 Jul 2014 17:31:26 -0700 X-Google-Sender-Auth: eK1PH_VkG9hmkvssz8TNhgCL6xY Message-ID: Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Baptiste Daroussin Content-Type: text/plain; charset=UTF-8 Cc: Craig Rodrigues , Lars Engels , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , Navdeep Parhar , ports X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 00:31:28 -0000 On 18 July 2014 14:21, Baptiste Daroussin wrote: > On Fri, Jul 18, 2014 at 12:10:34PM -0700, Adrian Chadd wrote: >> Hi! >> >> >> On 18 July 2014 07:28, Lars Engels wrote: >> > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: >> >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrote: >> >> >> >> > On 07/17/14 13:12, Adrian Chadd wrote: >> >> > > On 17 July 2014 13:03, Alberto Mijares wrote: >> >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd >> >> > wrote: >> >> > >>> Hi! >> >> > >>> >> >> > >>> 3) The binary packages need to work out of the box >> >> > >>> 4) .. which means, when you do things like pkg install apache, it >> >> > >>> can't just be installed and not be enabled, because that's a bit of a >> >> > >>> problem; >> >> > >> >> >> > >> >> >> > >> No. Please NEVER do that! The user must be able to edit the files and >> >> > >> start the service by himself. >> >> > > >> >> > > Cool, so what's the single line command needed to type in to start a >> >> > > given package service? >> >> > >> >> > Aren't sysrc(8) and service(8) for this kind of stuff? >> >> > >> >> >> >> They sure are. >> >> >> >> Well, pkg install $service ; sysrc ${service}_enable="YES" would do. >> >> Although some services have different names than the packge, which is sort >> >> of annoying. >> > >> > I hacked up a solution for service(8): >> > >> > http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch >> > >> > The patch adds the following directives to service(8): >> > >> > enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=YES" >> > disable: The opposite of enable >> > rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using >> > "sysrc -x foo_enable" >> > >> > The nice thing about is that you can use one of the new directives on >> > one line with the old ones, as long as the new are the first argument: >> > >> > # service syslogd enable >> > # service apache24 disable stop >> > # service apache24 rcdelete stop >> > # service nginx enable start >> > >> > >> > So after installing a package, to start and enable a daemon permanently >> > all you have to run is >> > # service foo enable start >> > >> > Lars >> > >> > P.S.: Thansk to Devin for his hard work on sysrc! >> >> Having a way for sysrc and service to know what particular options and >> services are exposed by a given package or installed "thing" would be >> nice. Right now the namespace is very flat and it's not obvious in all >> instances what needs to happen to make it useful and what the options >> are. >> >> "Oh, hm, I'd like to know what options there are for controlling the >> installed apache24 package, let's see"... >> >> I remember IRIX having that command to list services, stop them and >> start them, configure them enabled and disabled. Solaris grew >> something like that with Solaris 10 and after the initial learning >> curve it was great. Hving something like that would be 100% awesome. >> > you are asking for rcng2 with a declarative init config rather the a script It can be a series of scripts. The problem is that the namespace for options has nothing else attached, like "Hi I'm an option that starts/stops a service", "Hi I'm an option that's for this package", "Hi I'm an option that's for this class of things." Right now there's just a series of shell variables with educated guesses about what package they're related to and what they do, rather than anything that specifically says what they do. -a From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 02:36:46 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DAB9D3E; Sat, 19 Jul 2014 02:36:46 +0000 (UTC) Received: from felyko.com (felyko.com [IPv6:2001:470:1:2d5:26:3:1337:ca7]) by mx1.freebsd.org (Postfix) with ESMTP id 796532A46; Sat, 19 Jul 2014 02:36:46 +0000 (UTC) Received: from [IPv6:2601:9:8280:426:58ba:4b9:2104:88ed] (unknown [IPv6:2601:9:8280:426:58ba:4b9:2104:88ed]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by felyko.com (Postfix) with ESMTPSA id 19AF034A9E4; Fri, 18 Jul 2014 19:36:30 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Rui Paulo In-Reply-To: Date: Fri, 18 Jul 2014 19:36:30 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Adrian Chadd X-Mailer: Apple Mail (2.1878.6) Cc: Craig Rodrigues , freebsd-doc@freebsd.org, freebsd-current Current , ports , Andreas Nilsson X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 02:36:46 -0000 On Jul 17, 2014, at 13:00, Adrian Chadd wrote: > On 17 July 2014 12:57, Andreas Nilsson wrote: >>=20 >>=20 >>=20 >> On Thu, Jul 17, 2014 at 9:28 PM, Adrian Chadd = wrote: >>>=20 >>> Hi! >>>=20 >>> 3) The binary packages need to work out of the box >>> 4) .. which means, when you do things like pkg install apache, it >>> can't just be installed and not be enabled, because that's a bit of = a >>> problem; >>=20 >> I disagree on this. For network services on linux ( apart from ssh ), = I want >> that started very seldom. But I do want the package installed so that = when I >> need it, it is there. Having it autostart as part of being installed = is >> breaking KISS and in some way unix philosophy: I asked for something = to be >> installed, not installed and autostarted. >=20 > That's cool. We can disagree on that. But the fact that you have to > edit a file to enable things and hope you get the right start entry in > /etc/rc.conf or /usr/local/etc/rc.conf, or wherever you put it is, is > a pain. In the context of the email thread, no one in their sane mind will = configure Amazon/Heroku/etc. VMs manually. They will use = ansible/puppet/chef/etc. to install packages and to start services after = they are installed and configured. =20 I honestly don't see what the big deal is. Most of the time you will = need to configure your apache server before you can start it. =20 -- Rui Paulo From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 02:40:54 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B6D6AF82; Sat, 19 Jul 2014 02:40:54 +0000 (UTC) Received: from luigi.brtsvcs.net (luigi.brtsvcs.net [IPv6:2607:fc50:1000:1f00::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 83DA32A82; Sat, 19 Jul 2014 02:40:54 +0000 (UTC) Received: from chombo.houseloki.net (unknown [IPv6:2601:7:400:640:21c:c0ff:fe7f:96ee]) by luigi.brtsvcs.net (Postfix) with ESMTPSA id 78F0A2D4F9F; Fri, 18 Jul 2014 19:40:46 -0700 (PDT) Received: from [IPv6:2601:7:2280:38b:baca:3aff:fe83:bd29] (unknown [IPv6:2601:7:2280:38b:baca:3aff:fe83:bd29]) by chombo.houseloki.net (Postfix) with ESMTPSA id 262F9F77; Fri, 18 Jul 2014 19:40:44 -0700 (PDT) Message-ID: <53C9DAA1.4020006@bluerosetech.com> Date: Fri, 18 Jul 2014 19:40:33 -0700 From: Darren Pilgrim User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Gleb Smirnoff Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> In-Reply-To: <20140718110645.GN87212@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 02:40:54 -0000 On 7/18/2014 4:06 AM, Gleb Smirnoff wrote: > K> b) We are a major release away from OpenBSD (5.6 coming soon) - is > K> following OpenBSD's pf the past? - should it be? > > Following OpenBSD on features would be cool, but no bulk imports > would be made again. Bulk imports produce bad quality of port, > and also pf in OpenBSD has no multi thread support. I would much rather have a slower pf that actually supports modern networking than a faster one I can't use due to showstopper flaws and missing features. There is currently no viable firewall module for FreeBSD if you want to do things like route IPv6. From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 06:27:29 2014 Return-Path: Delivered-To: current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ED3529EB; Sat, 19 Jul 2014 06:27:29 +0000 (UTC) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.69.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cell.glebius.int.ru", Issuer "cell.glebius.int.ru" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D1E72C94; Sat, 19 Jul 2014 06:27:28 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.9/8.14.9) with ESMTP id s6J6RPDO066734 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 19 Jul 2014 10:27:25 +0400 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.9/8.14.9/Submit) id s6J6RPNF066733; Sat, 19 Jul 2014 10:27:25 +0400 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Sat, 19 Jul 2014 10:27:25 +0400 From: Gleb Smirnoff To: current@FreeBSD.org Subject: [CFT/CFR] machine independent sf_bufs Message-ID: <20140719062725.GB85917@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="1yeeQ81UyVL57Vl7" Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) Cc: kib@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 06:27:30 -0000 --1yeeQ81UyVL57Vl7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi! we've got a lot of common code in sys/*/*/vm_machdep.c wrt the sf_buf allocation. I have gathered it into kern/subr_sfbuf.c. o No MD code left in sys/*/*/vm_machdep.c. o The arches that have physical map have their implementation in machine/sf_buf.h o The arches that needs sf_bufs use subr_sfbuf.c, optionally having some stuff in machine/sf_buf.h I can test only i386. I'd be grateful for testing: arm mips mips64 sparc64 powerpc i386 XEN The test is a simple use of any applcation or test that uses sendfile(2). The box shouldn't crash :) of course, and after end of a test there should be no evidence of sf_buf leak (observed via netstat -m). -- Totus tuus, Glebius. --1yeeQ81UyVL57Vl7 Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="sfbuf-mi.diff" Index: sys/amd64/include/sf_buf.h =================================================================== --- sys/amd64/include/sf_buf.h (revision 268750) +++ sys/amd64/include/sf_buf.h (working copy) @@ -29,10 +29,6 @@ #ifndef _MACHINE_SF_BUF_H_ #define _MACHINE_SF_BUF_H_ -#include -#include -#include - /* * On this machine, the only purpose for which sf_buf is used is to implement * an opaque pointer required by the machine-independent parts of the kernel. @@ -39,21 +35,7 @@ * That pointer references the vm_page that is "mapped" by the sf_buf. The * actual mapping is provided by the direct virtual-to-physical mapping. */ -struct sf_buf; - -static inline struct sf_buf * -sf_buf_alloc(struct vm_page *m, int pri) -{ - - return ((struct sf_buf *)m); -} - -static inline void -sf_buf_free(struct sf_buf *sf) -{ -} - -static __inline vm_offset_t +static inline vm_offset_t sf_buf_kva(struct sf_buf *sf) { @@ -60,11 +42,10 @@ sf_buf_kva(struct sf_buf *sf) return (PHYS_TO_DMAP(VM_PAGE_TO_PHYS((vm_page_t)sf))); } -static __inline vm_page_t +static inline vm_page_t sf_buf_page(struct sf_buf *sf) { return ((vm_page_t)sf); } - #endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/arm/arm/vm_machdep.c =================================================================== --- sys/arm/arm/vm_machdep.c (revision 268750) +++ sys/arm/arm/vm_machdep.c (working copy) @@ -50,7 +50,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -83,43 +82,7 @@ __FBSDID("$FreeBSD$"); CTASSERT(sizeof(struct switchframe) == 24); CTASSERT(sizeof(struct trapframe) == 80); -#ifndef NSFBUFS -#define NSFBUFS (512 + maxusers * 16) -#endif - -static int nsfbufs; -static int nsfbufspeak; -static int nsfbufsused; - -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, - "Maximum number of sendfile(2) sf_bufs available"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, - "Number of sendfile(2) sf_bufs at peak usage"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, - "Number of sendfile(2) sf_bufs in use"); - -static void sf_buf_init(void *arg); -SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); - -LIST_HEAD(sf_head, sf_buf); - /* - * A hash table of active sendfile(2) buffers - */ -static struct sf_head *sf_buf_active; -static u_long sf_buf_hashmask; - -#define SF_BUF_HASH(m) (((m) - vm_page_array) & sf_buf_hashmask) - -static TAILQ_HEAD(, sf_buf) sf_buf_freelist; -static u_int sf_buf_alloc_want; - -/* - * A lock used to synchronize access to the hash table and free list - */ -static struct mtx sf_buf_lock; - -/* * Finish a fork operation, with process p2 nearly set up. * Copy and update the pcb, set up the stack so that the child * ready to run and return to user mode. @@ -184,107 +147,7 @@ cpu_thread_swapout(struct thread *td) { } -/* - * Detatch mapped page and release resources back to the system. - */ void -sf_buf_free(struct sf_buf *sf) -{ - - mtx_lock(&sf_buf_lock); - sf->ref_count--; - if (sf->ref_count == 0) { - TAILQ_INSERT_TAIL(&sf_buf_freelist, sf, free_entry); - nsfbufsused--; - pmap_kremove(sf->kva); - sf->m = NULL; - LIST_REMOVE(sf, list_entry); - if (sf_buf_alloc_want > 0) - wakeup(&sf_buf_freelist); - } - mtx_unlock(&sf_buf_lock); -} - -/* - * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) - */ -static void -sf_buf_init(void *arg) -{ - struct sf_buf *sf_bufs; - vm_offset_t sf_base; - int i; - - nsfbufs = NSFBUFS; - TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); - - sf_buf_active = hashinit(nsfbufs, M_TEMP, &sf_buf_hashmask); - TAILQ_INIT(&sf_buf_freelist); - sf_base = kva_alloc(nsfbufs * PAGE_SIZE); - sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, - M_NOWAIT | M_ZERO); - for (i = 0; i < nsfbufs; i++) { - sf_bufs[i].kva = sf_base + i * PAGE_SIZE; - TAILQ_INSERT_TAIL(&sf_buf_freelist, &sf_bufs[i], free_entry); - } - sf_buf_alloc_want = 0; - mtx_init(&sf_buf_lock, "sf_buf", NULL, MTX_DEF); -} - -/* - * Get an sf_buf from the freelist. Will block if none are available. - */ -struct sf_buf * -sf_buf_alloc(struct vm_page *m, int flags) -{ - struct sf_head *hash_list; - struct sf_buf *sf; - int error; - - hash_list = &sf_buf_active[SF_BUF_HASH(m)]; - mtx_lock(&sf_buf_lock); - LIST_FOREACH(sf, hash_list, list_entry) { - if (sf->m == m) { - sf->ref_count++; - if (sf->ref_count == 1) { - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - } - goto done; - } - } - while ((sf = TAILQ_FIRST(&sf_buf_freelist)) == NULL) { - if (flags & SFB_NOWAIT) - goto done; - sf_buf_alloc_want++; - SFSTAT_INC(sf_allocwait); - error = msleep(&sf_buf_freelist, &sf_buf_lock, - (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); - sf_buf_alloc_want--; - - - /* - * If we got a signal, don't risk going back to sleep. - */ - if (error) - goto done; - } - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - if (sf->m != NULL) - LIST_REMOVE(sf, list_entry); - LIST_INSERT_HEAD(hash_list, sf, list_entry); - sf->ref_count = 1; - sf->m = m; - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - pmap_kenter(sf->kva, VM_PAGE_TO_PHYS(sf->m)); -done: - mtx_unlock(&sf_buf_lock); - return (sf); -} - -void cpu_set_syscall_retval(struct thread *td, int error) { struct trapframe *frame; Index: sys/arm/include/sf_buf.h =================================================================== --- sys/arm/include/sf_buf.h (revision 268750) +++ sys/arm/include/sf_buf.h (working copy) @@ -29,33 +29,18 @@ #ifndef _MACHINE_SF_BUF_H_ #define _MACHINE_SF_BUF_H_ -#include - -struct vm_page; - -struct sf_buf { - LIST_ENTRY(sf_buf) list_entry; /* list of buffers */ - TAILQ_ENTRY(sf_buf) free_entry; /* list of buffers */ - struct vm_page *m; /* currently mapped page */ - vm_offset_t kva; /* va of mapping */ - int ref_count; /* usage of this mapping */ -}; - -static __inline vm_offset_t -sf_buf_kva(struct sf_buf *sf) +static inline void +sf_buf_map(struct sf_buf *sf, int flags) { - return (sf->kva); + pmap_kenter(sf->kva, VM_PAGE_TO_PHYS(sf->m)); } -static __inline struct vm_page * -sf_buf_page(struct sf_buf *sf) +static inline int +sf_buf_unmap(struct sf_buf *sf) { - return (sf->m); + pmap_kremove(sf->kva); + return (1); } - -struct sf_buf * sf_buf_alloc(struct vm_page *m, int flags); -void sf_buf_free(struct sf_buf *sf); - #endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/arm/include/vmparam.h =================================================================== --- sys/arm/include/vmparam.h (revision 268750) +++ sys/arm/include/vmparam.h (working copy) @@ -170,4 +170,7 @@ extern vm_offset_t vm_max_kernel_address; #define VM_MAX_AUTOTUNE_MAXUSERS 384 #endif +#define SFBUF +#define SFBUF_MAP + #endif /* _MACHINE_VMPARAM_H_ */ Index: sys/conf/files.arm =================================================================== --- sys/conf/files.arm (revision 268750) +++ sys/conf/files.arm (working copy) @@ -77,6 +77,7 @@ font.h optional sc \ clean "font.h ${SC_DFLT_FONT}-8x14 ${SC_DFLT_FONT}-8x16 ${SC_DFLT_FONT}-8x8" kern/subr_busdma_bufalloc.c standard kern/subr_dummy_vdso_tc.c standard +kern/subr_sfbuf.c standard libkern/arm/aeabi_unwind.c standard libkern/arm/divsi3.S standard libkern/arm/ffs.S standard Index: sys/conf/files.i386 =================================================================== --- sys/conf/files.i386 (revision 268750) +++ sys/conf/files.i386 (working copy) @@ -520,6 +520,7 @@ isa/vga_isa.c optional vga kern/kern_clocksource.c standard kern/imgact_aout.c optional compat_aout kern/imgact_gzip.c optional gzip +kern/subr_sfbuf.c standard libkern/divdi3.c standard libkern/flsll.c standard libkern/memmove.c standard Index: sys/conf/files.mips =================================================================== --- sys/conf/files.mips (revision 268750) +++ sys/conf/files.mips (working copy) @@ -51,6 +51,7 @@ mips/mips/vm_machdep.c standard kern/kern_clocksource.c standard kern/link_elf_obj.c standard kern/subr_dummy_vdso_tc.c standard +kern/subr_sfbuf.c optional mips | mipsel | mipsn32 # gcc/clang runtime libkern/ffsl.c standard Index: sys/conf/files.pc98 =================================================================== --- sys/conf/files.pc98 (revision 268750) +++ sys/conf/files.pc98 (working copy) @@ -205,6 +205,7 @@ i386/svr4/svr4_machdep.c optional compat_svr4 kern/kern_clocksource.c standard kern/imgact_aout.c optional compat_aout kern/imgact_gzip.c optional gzip +kern/subr_sfbuf.c standard libkern/divdi3.c standard libkern/flsll.c standard libkern/memmove.c standard Index: sys/conf/files.powerpc =================================================================== --- sys/conf/files.powerpc (revision 268750) +++ sys/conf/files.powerpc (working copy) @@ -71,6 +71,7 @@ dev/vt/hw/ofwfb/ofwfb.c optional vt aim kern/kern_clocksource.c standard kern/subr_dummy_vdso_tc.c standard kern/syscalls.c optional ktr +kern/subr_sfbuf.c standard libkern/ashldi3.c optional powerpc libkern/ashrdi3.c optional powerpc libkern/bcmp.c standard Index: sys/conf/files.sparc64 =================================================================== --- sys/conf/files.sparc64 (revision 268750) +++ sys/conf/files.sparc64 (working copy) @@ -63,6 +63,7 @@ dev/uart/uart_kbd_sun.c optional uart sc | vt kern/kern_clocksource.c standard kern/subr_dummy_vdso_tc.c standard kern/syscalls.c optional ktr +kern/subr_sfbuf.c standard libkern/ffs.c standard libkern/ffsl.c standard libkern/fls.c standard Index: sys/i386/i386/vm_machdep.c =================================================================== --- sys/i386/i386/vm_machdep.c (revision 268750) +++ sys/i386/i386/vm_machdep.c (working copy) @@ -118,38 +118,6 @@ static u_int cpu_reset_proxyid; static volatile u_int cpu_reset_proxy_active; #endif -static int nsfbufs; -static int nsfbufspeak; -static int nsfbufsused; - -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, - "Maximum number of sendfile(2) sf_bufs available"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, - "Number of sendfile(2) sf_bufs at peak usage"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, - "Number of sendfile(2) sf_bufs in use"); - -static void sf_buf_init(void *arg); -SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); - -LIST_HEAD(sf_head, sf_buf); - -/* - * A hash table of active sendfile(2) buffers - */ -static struct sf_head *sf_buf_active; -static u_long sf_buf_hashmask; - -#define SF_BUF_HASH(m) (((m) - vm_page_array) & sf_buf_hashmask) - -static TAILQ_HEAD(, sf_buf) sf_buf_freelist; -static u_int sf_buf_alloc_want; - -/* - * A lock used to synchronize access to the hash table and free list - */ -static struct mtx sf_buf_lock; - extern int _ucodesel, _udatasel; /* @@ -750,122 +718,13 @@ cpu_reset_real() } /* - * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) - */ -static void -sf_buf_init(void *arg) -{ - struct sf_buf *sf_bufs; - vm_offset_t sf_base; - int i; - - nsfbufs = NSFBUFS; - TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); - - sf_buf_active = hashinit(nsfbufs, M_TEMP, &sf_buf_hashmask); - TAILQ_INIT(&sf_buf_freelist); - sf_base = kva_alloc(nsfbufs * PAGE_SIZE); - sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, - M_NOWAIT | M_ZERO); - for (i = 0; i < nsfbufs; i++) { - sf_bufs[i].kva = sf_base + i * PAGE_SIZE; - TAILQ_INSERT_TAIL(&sf_buf_freelist, &sf_bufs[i], free_entry); - } - sf_buf_alloc_want = 0; - mtx_init(&sf_buf_lock, "sf_buf", NULL, MTX_DEF); -} - -/* - * Invalidate the cache lines that may belong to the page, if - * (possibly old) mapping of the page by sf buffer exists. Returns - * TRUE when mapping was found and cache invalidated. - */ -boolean_t -sf_buf_invalidate_cache(vm_page_t m) -{ - struct sf_head *hash_list; - struct sf_buf *sf; - boolean_t ret; - - hash_list = &sf_buf_active[SF_BUF_HASH(m)]; - ret = FALSE; - mtx_lock(&sf_buf_lock); - LIST_FOREACH(sf, hash_list, list_entry) { - if (sf->m == m) { - /* - * Use pmap_qenter to update the pte for - * existing mapping, in particular, the PAT - * settings are recalculated. - */ - pmap_qenter(sf->kva, &m, 1); - pmap_invalidate_cache_range(sf->kva, sf->kva + - PAGE_SIZE); - ret = TRUE; - break; - } - } - mtx_unlock(&sf_buf_lock); - return (ret); -} - -/* * Get an sf_buf from the freelist. May block if none are available. */ -struct sf_buf * -sf_buf_alloc(struct vm_page *m, int flags) +void +sf_buf_map(struct sf_buf *sf, int flags) { pt_entry_t opte, *ptep; - struct sf_head *hash_list; - struct sf_buf *sf; -#ifdef SMP - cpuset_t other_cpus; - u_int cpuid; -#endif - int error; - KASSERT(curthread->td_pinned > 0 || (flags & SFB_CPUPRIVATE) == 0, - ("sf_buf_alloc(SFB_CPUPRIVATE): curthread not pinned")); - hash_list = &sf_buf_active[SF_BUF_HASH(m)]; - mtx_lock(&sf_buf_lock); - LIST_FOREACH(sf, hash_list, list_entry) { - if (sf->m == m) { - sf->ref_count++; - if (sf->ref_count == 1) { - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - } -#ifdef SMP - goto shootdown; -#else - goto done; -#endif - } - } - while ((sf = TAILQ_FIRST(&sf_buf_freelist)) == NULL) { - if (flags & SFB_NOWAIT) - goto done; - sf_buf_alloc_want++; - SFSTAT_INC(sf_allocwait); - error = msleep(&sf_buf_freelist, &sf_buf_lock, - (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); - sf_buf_alloc_want--; - - /* - * If we got a signal, don't risk going back to sleep. - */ - if (error) - goto done; - } - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - if (sf->m != NULL) - LIST_REMOVE(sf, list_entry); - LIST_INSERT_HEAD(hash_list, sf, list_entry); - sf->ref_count = 1; - sf->m = m; - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - /* * Update the sf_buf's virtual-to-physical mapping, flushing the * virtual address from the TLB. Since the reference count for @@ -876,11 +735,11 @@ cpu_reset_real() ptep = vtopte(sf->kva); opte = *ptep; #ifdef XEN - PT_SET_MA(sf->kva, xpmap_ptom(VM_PAGE_TO_PHYS(m)) | pgeflag - | PG_RW | PG_V | pmap_cache_bits(m->md.pat_mode, 0)); + PT_SET_MA(sf->kva, xpmap_ptom(VM_PAGE_TO_PHYS(sf->m)) | pgeflag + | PG_RW | PG_V | pmap_cache_bits(sf->m->md.pat_mode, 0)); #else - *ptep = VM_PAGE_TO_PHYS(m) | pgeflag | PG_RW | PG_V | - pmap_cache_bits(m->md.pat_mode, 0); + *ptep = VM_PAGE_TO_PHYS(sf->m) | pgeflag | PG_RW | PG_V | + pmap_cache_bits(sf->m->md.pat_mode, 0); #endif /* @@ -892,7 +751,21 @@ cpu_reset_real() #ifdef SMP if ((opte & (PG_V | PG_A)) == (PG_V | PG_A)) CPU_ZERO(&sf->cpumask); -shootdown: + + sf_buf_shootdown(sf, flags); +#else + if ((opte & (PG_V | PG_A)) == (PG_V | PG_A)) + pmap_invalidate_page(kernel_pmap, sf->kva); +#endif +} + +#ifdef SMP +void +sf_buf_shootdown(struct sf_buf *sf, int flags) +{ + cpuset_t other_cpus; + u_int cpuid; + sched_pin(); cpuid = PCPU_GET(cpuid); if (!CPU_ISSET(cpuid, &sf->cpumask)) { @@ -909,42 +782,50 @@ cpu_reset_real() } } sched_unpin(); +} +#endif + +/* + * MD part of sf_buf_free(). + */ +int +sf_buf_unmap(struct sf_buf *sf) +{ +#ifdef XEN + /* + * Xen doesn't like having dangling R/W mappings + */ + pmap_qremove(sf->kva, 1); + return (1); #else - if ((opte & (PG_V | PG_A)) == (PG_V | PG_A)) - pmap_invalidate_page(kernel_pmap, sf->kva); + return (0); #endif -done: - mtx_unlock(&sf_buf_lock); - return (sf); } +static void +sf_buf_invalidate(struct sf_buf *sf) +{ + vm_page_t m = sf->m; + + /* + * Use pmap_qenter to update the pte for + * existing mapping, in particular, the PAT + * settings are recalculated. + */ + pmap_qenter(sf->kva, &m, 1); + pmap_invalidate_cache_range(sf->kva, sf->kva + PAGE_SIZE); +} + /* - * Remove a reference from the given sf_buf, adding it to the free - * list when its reference count reaches zero. A freed sf_buf still, - * however, retains its virtual-to-physical mapping until it is - * recycled or reactivated by sf_buf_alloc(9). + * Invalidate the cache lines that may belong to the page, if + * (possibly old) mapping of the page by sf buffer exists. Returns + * TRUE when mapping was found and cache invalidated. */ -void -sf_buf_free(struct sf_buf *sf) +boolean_t +sf_buf_invalidate_cache(vm_page_t m) { - mtx_lock(&sf_buf_lock); - sf->ref_count--; - if (sf->ref_count == 0) { - TAILQ_INSERT_TAIL(&sf_buf_freelist, sf, free_entry); - nsfbufsused--; -#ifdef XEN -/* - * Xen doesn't like having dangling R/W mappings - */ - pmap_qremove(sf->kva, 1); - sf->m = NULL; - LIST_REMOVE(sf, list_entry); -#endif - if (sf_buf_alloc_want > 0) - wakeup(&sf_buf_freelist); - } - mtx_unlock(&sf_buf_lock); + return (sf_buf_process_page(m, sf_buf_invalidate)); } /* Index: sys/i386/include/sf_buf.h =================================================================== --- sys/i386/include/sf_buf.h (revision 268750) +++ sys/i386/include/sf_buf.h (working copy) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2003, 2005 Alan L. Cox + * Copyright (c) 2014 Gleb Smirnoff * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -29,39 +29,8 @@ #ifndef _MACHINE_SF_BUF_H_ #define _MACHINE_SF_BUF_H_ -#include -#include +void sf_buf_map(struct sf_buf *, int); +int sf_buf_unmap(struct sf_buf *); +boolean_t sf_buf_invalidate_cache(vm_page_t); -struct vm_page; - -struct sf_buf { - LIST_ENTRY(sf_buf) list_entry; /* list of buffers */ - TAILQ_ENTRY(sf_buf) free_entry; /* list of buffers */ - struct vm_page *m; /* currently mapped page */ - vm_offset_t kva; /* va of mapping */ - int ref_count; /* usage of this mapping */ -#ifdef SMP - cpuset_t cpumask; /* cpus on which mapping is valid */ -#endif -}; - -struct sf_buf * sf_buf_alloc(struct vm_page *m, int flags); -void sf_buf_free(struct sf_buf *sf); - -static __inline vm_offset_t -sf_buf_kva(struct sf_buf *sf) -{ - - return (sf->kva); -} - -static __inline struct vm_page * -sf_buf_page(struct sf_buf *sf) -{ - - return (sf->m); -} - -boolean_t sf_buf_invalidate_cache(vm_page_t m); - #endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/i386/include/vmparam.h =================================================================== --- sys/i386/include/vmparam.h (revision 268750) +++ sys/i386/include/vmparam.h (working copy) @@ -198,4 +198,9 @@ #define VM_MAX_AUTOTUNE_MAXUSERS 384 #endif +#define SFBUF +#define SFBUF_MAP +#define SFBUF_CPUSET +#define SFBUF_PROCESS_PAGE + #endif /* _MACHINE_VMPARAM_H_ */ Index: sys/kern/subr_sfbuf.c =================================================================== --- sys/kern/subr_sfbuf.c (revision 0) +++ sys/kern/subr_sfbuf.c (working copy) @@ -0,0 +1,226 @@ +/*- + * Copyright (c) 2014 Gleb Smirnoff + * Copyright (c) 2003, 2005 Alan L. Cox + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#ifndef NSFBUFS +#define NSFBUFS (512 + maxusers * 16) +#endif + +static int nsfbufs; +static int nsfbufspeak; +static int nsfbufsused; + +SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, + "Maximum number of sendfile(2) sf_bufs available"); +SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, + "Number of sendfile(2) sf_bufs at peak usage"); +SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, + "Number of sendfile(2) sf_bufs in use"); + +static void sf_buf_init(void *arg); +SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); + +LIST_HEAD(sf_head, sf_buf); + +/* + * A hash table of active sendfile(2) buffers + */ +static struct sf_head *sf_buf_active; +static u_long sf_buf_hashmask; + +#define SF_BUF_HASH(m) (((m) - vm_page_array) & sf_buf_hashmask) + +static TAILQ_HEAD(, sf_buf) sf_buf_freelist; +static u_int sf_buf_alloc_want; + +/* + * A lock used to synchronize access to the hash table and free list + */ +static struct mtx sf_buf_lock; + +/* + * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) + */ +static void +sf_buf_init(void *arg) +{ + struct sf_buf *sf_bufs; + vm_offset_t sf_base; + int i; + +#ifdef SFBUF_OPTIONAL_DIRECT_MAP + if (SFBUF_OPTIONAL_DIRECT_MAP) + return; +#endif + + nsfbufs = NSFBUFS; + TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); + + sf_buf_active = hashinit(nsfbufs, M_TEMP, &sf_buf_hashmask); + TAILQ_INIT(&sf_buf_freelist); + sf_base = kva_alloc(nsfbufs * PAGE_SIZE); + sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, + M_NOWAIT | M_ZERO); + KASSERT(sf_bufs, ("%s: malloc failure", __func__)); + for (i = 0; i < nsfbufs; i++) { + sf_bufs[i].kva = sf_base + i * PAGE_SIZE; + TAILQ_INSERT_TAIL(&sf_buf_freelist, &sf_bufs[i], free_entry); + } + sf_buf_alloc_want = 0; + mtx_init(&sf_buf_lock, "sf_buf", NULL, MTX_DEF); +} + +/* + * Get an sf_buf from the freelist. May block if none are available. + */ +struct sf_buf * +sf_buf_alloc(struct vm_page *m, int flags) +{ + struct sf_head *hash_list; + struct sf_buf *sf; + int error; + +#ifdef SFBUF_OPTIONAL_DIRECT_MAP + if (SFBUF_OPTIONAL_DIRECT_MAP) + return ((struct sf_buf *)m); +#endif + + KASSERT(curthread->td_pinned > 0 || (flags & SFB_CPUPRIVATE) == 0, + ("sf_buf_alloc(SFB_CPUPRIVATE): curthread not pinned")); + hash_list = &sf_buf_active[SF_BUF_HASH(m)]; + mtx_lock(&sf_buf_lock); + LIST_FOREACH(sf, hash_list, list_entry) { + if (sf->m == m) { + sf->ref_count++; + if (sf->ref_count == 1) { + TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); + nsfbufsused++; + nsfbufspeak = imax(nsfbufspeak, nsfbufsused); + } +#if defined(SMP) && defined(SFBUF_CPUSET) + sf_buf_shootdown(sf, flags); +#endif + goto done; + } + } + while ((sf = TAILQ_FIRST(&sf_buf_freelist)) == NULL) { + if (flags & SFB_NOWAIT) + goto done; + sf_buf_alloc_want++; + SFSTAT_INC(sf_allocwait); + error = msleep(&sf_buf_freelist, &sf_buf_lock, + (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); + sf_buf_alloc_want--; + + /* + * If we got a signal, don't risk going back to sleep. + */ + if (error) + goto done; + } + TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); + if (sf->m != NULL) + LIST_REMOVE(sf, list_entry); + LIST_INSERT_HEAD(hash_list, sf, list_entry); + sf->ref_count = 1; + sf->m = m; + nsfbufsused++; + nsfbufspeak = imax(nsfbufspeak, nsfbufsused); + sf_buf_map(sf, flags); +done: + mtx_unlock(&sf_buf_lock); + return (sf); +} + +/* + * Remove a reference from the given sf_buf, adding it to the free + * list when its reference count reaches zero. A freed sf_buf still, + * however, retains its virtual-to-physical mapping until it is + * recycled or reactivated by sf_buf_alloc(9). + */ +void +sf_buf_free(struct sf_buf *sf) +{ + +#ifdef SFBUF_OPTIONAL_DIRECT_MAP + if (SFBUF_OPTIONAL_DIRECT_MAP) + return; +#endif + + mtx_lock(&sf_buf_lock); + sf->ref_count--; + if (sf->ref_count == 0) { + TAILQ_INSERT_TAIL(&sf_buf_freelist, sf, free_entry); + nsfbufsused--; + if (sf_buf_unmap(sf)) { + sf->m = NULL; + LIST_REMOVE(sf, list_entry); + } + if (sf_buf_alloc_want > 0) + wakeup(&sf_buf_freelist); + } + mtx_unlock(&sf_buf_lock); +} + +#ifdef SFBUF_PROCESS_PAGE +/* + * Run callback function on sf_buf that holds a certain page. + */ +boolean_t +sf_buf_process_page(vm_page_t m, void (*cb)(struct sf_buf *)) +{ + struct sf_head *hash_list; + struct sf_buf *sf; + + hash_list = &sf_buf_active[SF_BUF_HASH(m)]; + mtx_lock(&sf_buf_lock); + LIST_FOREACH(sf, hash_list, list_entry) { + if (sf->m == m) { + cb(sf); + mtx_unlock(&sf_buf_lock); + return (TRUE); + } + } + mtx_unlock(&sf_buf_lock); + return (FALSE); +} +#endif /* SFBUF_PROCESS_PAGE */ Property changes on: sys/kern/subr_sfbuf.c ___________________________________________________________________ Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Index: sys/mips/include/sf_buf.h =================================================================== --- sys/mips/include/sf_buf.h (revision 268750) +++ sys/mips/include/sf_buf.h (working copy) @@ -29,31 +29,9 @@ #ifndef _MACHINE_SF_BUF_H_ #define _MACHINE_SF_BUF_H_ -#ifdef __mips_n64 -#include -#include -#include -#else -#include -#endif +#ifdef __mips_n64 /* In 64 bit the whole memory is directly mapped */ -#ifdef __mips_n64 -/* In 64 bit the whole memory is directly mapped */ -struct sf_buf; - -static inline struct sf_buf * -sf_buf_alloc(struct vm_page *m, int pri) -{ - - return ((struct sf_buf *)m); -} - -static inline void -sf_buf_free(struct sf_buf *sf) -{ -} - -static __inline vm_offset_t +static inline vm_offset_t sf_buf_kva(struct sf_buf *sf) { vm_page_t m; @@ -62,7 +40,7 @@ sf_buf_kva(struct sf_buf *sf) return (MIPS_PHYS_TO_DIRECT(VM_PAGE_TO_PHYS(m))); } -static __inline struct vm_page * +static inline struct vm_page * sf_buf_page(struct sf_buf *sf) { @@ -69,31 +47,5 @@ sf_buf_page(struct sf_buf *sf) return ((vm_page_t)sf); } -#else /* ! __mips_n64 */ -struct vm_page; - -struct sf_buf { - SLIST_ENTRY(sf_buf) free_list; /* list of free buffer slots */ - struct vm_page *m; /* currently mapped page */ - vm_offset_t kva; /* va of mapping */ -}; - -struct sf_buf * sf_buf_alloc(struct vm_page *m, int flags); -void sf_buf_free(struct sf_buf *sf); - -static __inline vm_offset_t -sf_buf_kva(struct sf_buf *sf) -{ - - return (sf->kva); -} - -static __inline struct vm_page * -sf_buf_page(struct sf_buf *sf) -{ - - return (sf->m); -} #endif /* __mips_n64 */ - #endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/mips/include/vmparam.h =================================================================== --- sys/mips/include/vmparam.h (revision 268750) +++ sys/mips/include/vmparam.h (working copy) @@ -187,4 +187,8 @@ #define ZERO_REGION_SIZE (64 * 1024) /* 64KB */ +#ifndef __mips_n64 +#define SFBUF +#endif + #endif /* !_MACHINE_VMPARAM_H_ */ Index: sys/mips/mips/vm_machdep.c =================================================================== --- sys/mips/mips/vm_machdep.c (revision 268750) +++ sys/mips/mips/vm_machdep.c (working copy) @@ -76,9 +76,6 @@ __FBSDID("$FreeBSD$"); #include #include -#ifndef __mips_n64 -#include -#endif /* Duplicated from asm.h */ #if defined(__mips_o32) @@ -92,39 +89,7 @@ __FBSDID("$FreeBSD$"); #define CALLFRAME_SIZ (SZREG * 4) #endif -#ifndef __mips_n64 - -#ifndef NSFBUFS -#define NSFBUFS (512 + maxusers * 16) -#endif - -static int nsfbufs; -static int nsfbufspeak; -static int nsfbufsused; - -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, - "Maximum number of sendfile(2) sf_bufs available"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, - "Number of sendfile(2) sf_bufs at peak usage"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, - "Number of sendfile(2) sf_bufs in use"); - -static void sf_buf_init(void *arg); -SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); - /* - * Expanded sf_freelist head. Really an SLIST_HEAD() in disguise, with the - * sf_freelist head with the sf_lock mutex. - */ -static struct { - SLIST_HEAD(, sf_buf) sf_head; - struct mtx sf_lock; -} sf_freelist; - -static u_int sf_buf_alloc_want; -#endif /* !__mips_n64 */ - -/* * Finish a fork operation, with process p2 nearly set up. * Copy and update the pcb, set up the stack so that the child * ready to run and return to user mode. @@ -513,84 +478,6 @@ cpu_set_upcall_kse(struct thread *td, void (*entry #define ZIDLE_HI(v) ((v) * 4 / 5) /* - * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) - */ -#ifndef __mips_n64 -static void -sf_buf_init(void *arg) -{ - struct sf_buf *sf_bufs; - vm_offset_t sf_base; - int i; - - nsfbufs = NSFBUFS; - TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); - - mtx_init(&sf_freelist.sf_lock, "sf_bufs list lock", NULL, MTX_DEF); - SLIST_INIT(&sf_freelist.sf_head); - sf_base = kva_alloc(nsfbufs * PAGE_SIZE); - sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, - M_NOWAIT | M_ZERO); - for (i = 0; i < nsfbufs; i++) { - sf_bufs[i].kva = sf_base + i * PAGE_SIZE; - SLIST_INSERT_HEAD(&sf_freelist.sf_head, &sf_bufs[i], free_list); - } - sf_buf_alloc_want = 0; -} - -/* - * Get an sf_buf from the freelist. Will block if none are available. - */ -struct sf_buf * -sf_buf_alloc(struct vm_page *m, int flags) -{ - struct sf_buf *sf; - int error; - - mtx_lock(&sf_freelist.sf_lock); - while ((sf = SLIST_FIRST(&sf_freelist.sf_head)) == NULL) { - if (flags & SFB_NOWAIT) - break; - sf_buf_alloc_want++; - SFSTAT_INC(sf_allocwait); - error = msleep(&sf_freelist, &sf_freelist.sf_lock, - (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); - sf_buf_alloc_want--; - - /* - * If we got a signal, don't risk going back to sleep. - */ - if (error) - break; - } - if (sf != NULL) { - SLIST_REMOVE_HEAD(&sf_freelist.sf_head, free_list); - sf->m = m; - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - pmap_qenter(sf->kva, &sf->m, 1); - } - mtx_unlock(&sf_freelist.sf_lock); - return (sf); -} - -/* - * Release resources back to the system. - */ -void -sf_buf_free(struct sf_buf *sf) -{ - pmap_qremove(sf->kva, 1); - mtx_lock(&sf_freelist.sf_lock); - SLIST_INSERT_HEAD(&sf_freelist.sf_head, sf, free_list); - nsfbufsused--; - if (sf_buf_alloc_want > 0) - wakeup(&sf_freelist); - mtx_unlock(&sf_freelist.sf_lock); -} -#endif /* !__mips_n64 */ - -/* * Software interrupt handler for queued VM system processing. */ void Index: sys/powerpc/include/sf_buf.h =================================================================== --- sys/powerpc/include/sf_buf.h (revision 268750) +++ sys/powerpc/include/sf_buf.h (working copy) @@ -1,80 +0,0 @@ -/*- - * Copyright (c) 2003 Alan L. Cox - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _MACHINE_SF_BUF_H_ -#define _MACHINE_SF_BUF_H_ - -#include -#include -#include -#include -#include - -struct vm_page; - -struct sf_buf { - LIST_ENTRY(sf_buf) list_entry; /* list of buffers */ - TAILQ_ENTRY(sf_buf) free_entry; /* list of buffers */ - struct vm_page *m; /* currently mapped page */ - vm_offset_t kva; /* va of mapping */ - int ref_count; /* usage of this mapping */ -}; - -struct sf_buf * sf_buf_alloc(struct vm_page *m, int flags); -void sf_buf_free(struct sf_buf *sf); - -/* - * On 32-bit OEA, the only purpose for which sf_buf is used is to implement - * an opaque pointer required by the machine-independent parts of the kernel. - * That pointer references the vm_page that is "mapped" by the sf_buf. The - * actual mapping is provided by the direct virtual-to-physical mapping. - * - * On OEA64 and Book-E, we need to do something a little more complicated. Use - * the runtime-detected hw_direct_map to pick between the two cases. Our - * friends in vm_machdep.c will do the same to ensure nothing gets confused. - */ - -static __inline vm_offset_t -sf_buf_kva(struct sf_buf *sf) -{ - if (hw_direct_map) - return (VM_PAGE_TO_PHYS((vm_page_t)sf)); - - return (sf->kva); -} - -static __inline struct vm_page * -sf_buf_page(struct sf_buf *sf) -{ - if (hw_direct_map) - return ((vm_page_t)sf); - - return (sf->m); -} - -#endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/powerpc/include/vmparam.h =================================================================== --- sys/powerpc/include/vmparam.h (revision 268750) +++ sys/powerpc/include/vmparam.h (working copy) @@ -197,4 +197,18 @@ struct pmap_physseg { #define ZERO_REGION_SIZE (64 * 1024) /* 64KB */ +/* + * On 32-bit OEA, the only purpose for which sf_buf is used is to implement + * an opaque pointer required by the machine-independent parts of the kernel. + * That pointer references the vm_page that is "mapped" by the sf_buf. The + * actual mapping is provided by the direct virtual-to-physical mapping. + * + * On OEA64 and Book-E, we need to do something a little more complicated. Use + * the runtime-detected hw_direct_map to pick between the two cases. Our + * friends in vm_machdep.c will do the same to ensure nothing gets confused. + */ +#define SFBUF +#define SFBUF_NOMD +#define SFBUF_OPTIONAL_DIRECT_MAP hw_direct_map + #endif /* _MACHINE_VMPARAM_H_ */ Index: sys/powerpc/powerpc/vm_machdep.c =================================================================== --- sys/powerpc/powerpc/vm_machdep.c (revision 268750) +++ sys/powerpc/powerpc/vm_machdep.c (working copy) @@ -80,7 +80,6 @@ #include #include #include -#include #include #include #include @@ -100,47 +99,6 @@ #include #include -/* - * On systems without a direct mapped region (e.g. PPC64), - * we use the same code as the Book E implementation. Since - * we need to have runtime detection of this, define some machinery - * for sf_bufs in this case, and ignore it on systems with direct maps. - */ - -#ifndef NSFBUFS -#define NSFBUFS (512 + maxusers * 16) -#endif - -static int nsfbufs; -static int nsfbufspeak; -static int nsfbufsused; - -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, - "Maximum number of sendfile(2) sf_bufs available"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, - "Number of sendfile(2) sf_bufs at peak usage"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, - "Number of sendfile(2) sf_bufs in use"); - -static void sf_buf_init(void *arg); -SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); - -LIST_HEAD(sf_head, sf_buf); - -/* A hash table of active sendfile(2) buffers */ -static struct sf_head *sf_buf_active; -static u_long sf_buf_hashmask; - -#define SF_BUF_HASH(m) (((m) - vm_page_array) & sf_buf_hashmask) - -static TAILQ_HEAD(, sf_buf) sf_buf_freelist; -static u_int sf_buf_alloc_want; - -/* - * A lock used to synchronize access to the hash table and free list - */ -static struct mtx sf_buf_lock; - #ifdef __powerpc64__ extern uintptr_t tocbase; #endif @@ -245,124 +203,6 @@ cpu_exit(struct thread *td) } /* - * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) - */ -static void -sf_buf_init(void *arg) -{ - struct sf_buf *sf_bufs; - vm_offset_t sf_base; - int i; - - /* Don't bother on systems with a direct map */ - if (hw_direct_map) - return; - - nsfbufs = NSFBUFS; - TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); - - sf_buf_active = hashinit(nsfbufs, M_TEMP, &sf_buf_hashmask); - TAILQ_INIT(&sf_buf_freelist); - sf_base = kva_alloc(nsfbufs * PAGE_SIZE); - sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, - M_NOWAIT | M_ZERO); - - for (i = 0; i < nsfbufs; i++) { - sf_bufs[i].kva = sf_base + i * PAGE_SIZE; - TAILQ_INSERT_TAIL(&sf_buf_freelist, &sf_bufs[i], free_entry); - } - sf_buf_alloc_want = 0; - mtx_init(&sf_buf_lock, "sf_buf", NULL, MTX_DEF); -} - -/* - * Get an sf_buf from the freelist. Will block if none are available. - */ -struct sf_buf * -sf_buf_alloc(struct vm_page *m, int flags) -{ - struct sf_head *hash_list; - struct sf_buf *sf; - int error; - - if (hw_direct_map) { - /* Shortcut the direct mapped case */ - return ((struct sf_buf *)m); - } - - hash_list = &sf_buf_active[SF_BUF_HASH(m)]; - mtx_lock(&sf_buf_lock); - LIST_FOREACH(sf, hash_list, list_entry) { - if (sf->m == m) { - sf->ref_count++; - if (sf->ref_count == 1) { - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - } - goto done; - } - } - - while ((sf = TAILQ_FIRST(&sf_buf_freelist)) == NULL) { - if (flags & SFB_NOWAIT) - goto done; - - sf_buf_alloc_want++; - SFSTAT_INC(sf_allocwait); - error = msleep(&sf_buf_freelist, &sf_buf_lock, - (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); - sf_buf_alloc_want--; - - /* - * If we got a signal, don't risk going back to sleep. - */ - if (error) - goto done; - } - - TAILQ_REMOVE(&sf_buf_freelist, sf, free_entry); - if (sf->m != NULL) - LIST_REMOVE(sf, list_entry); - - LIST_INSERT_HEAD(hash_list, sf, list_entry); - sf->ref_count = 1; - sf->m = m; - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - pmap_qenter(sf->kva, &sf->m, 1); -done: - mtx_unlock(&sf_buf_lock); - return (sf); -} - -/* - * Detach mapped page and release resources back to the system. - * - * Remove a reference from the given sf_buf, adding it to the free - * list when its reference count reaches zero. A freed sf_buf still, - * however, retains its virtual-to-physical mapping until it is - * recycled or reactivated by sf_buf_alloc(9). - */ -void -sf_buf_free(struct sf_buf *sf) -{ - if (hw_direct_map) - return; - - mtx_lock(&sf_buf_lock); - sf->ref_count--; - if (sf->ref_count == 0) { - TAILQ_INSERT_TAIL(&sf_buf_freelist, sf, free_entry); - nsfbufsused--; - - if (sf_buf_alloc_want > 0) - wakeup(&sf_buf_freelist); - } - mtx_unlock(&sf_buf_lock); -} - -/* * Software interrupt handler for queued VM system processing. */ void Index: sys/sparc64/include/sf_buf.h =================================================================== --- sys/sparc64/include/sf_buf.h (revision 268750) +++ sys/sparc64/include/sf_buf.h (working copy) @@ -1,59 +0,0 @@ -/*- - * Copyright (c) 2003 Alan L. Cox - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _MACHINE_SF_BUF_H_ -#define _MACHINE_SF_BUF_H_ - -#include - -struct vm_page; - -struct sf_buf { - SLIST_ENTRY(sf_buf) free_list; /* list of free buffer slots */ - struct vm_page *m; /* currently mapped page */ - vm_offset_t kva; /* va of mapping */ -}; - -struct sf_buf * sf_buf_alloc(struct vm_page *m, int flags); -void sf_buf_free(struct sf_buf *sf); - -static __inline vm_offset_t -sf_buf_kva(struct sf_buf *sf) -{ - - return (sf->kva); -} - -static __inline struct vm_page * -sf_buf_page(struct sf_buf *sf) -{ - - return (sf->m); -} - -#endif /* !_MACHINE_SF_BUF_H_ */ Index: sys/sparc64/include/vmparam.h =================================================================== --- sys/sparc64/include/vmparam.h (revision 268750) +++ sys/sparc64/include/vmparam.h (working copy) @@ -239,4 +239,7 @@ extern vm_offset_t vm_max_kernel_address; */ #define ZERO_REGION_SIZE PAGE_SIZE +#define SFBUF +#define SFBUF_NOMD + #endif /* !_MACHINE_VMPARAM_H_ */ Index: sys/sparc64/sparc64/vm_machdep.c =================================================================== --- sys/sparc64/sparc64/vm_machdep.c (revision 268750) +++ sys/sparc64/sparc64/vm_machdep.c (working copy) @@ -53,7 +53,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -84,35 +83,6 @@ __FBSDID("$FreeBSD$"); #include #include -#ifndef NSFBUFS -#define NSFBUFS (512 + maxusers * 16) -#endif - -static int nsfbufs; -static int nsfbufspeak; -static int nsfbufsused; - -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, - "Maximum number of sendfile(2) sf_bufs available"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, - "Number of sendfile(2) sf_bufs at peak usage"); -SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, - "Number of sendfile(2) sf_bufs in use"); - -static void sf_buf_init(void *arg); -SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL); - -/* - * Expanded sf_freelist head. Really an SLIST_HEAD() in disguise, with the - * sf_freelist head with the sf_lock mutex. - */ -static struct { - SLIST_HEAD(, sf_buf) sf_head; - struct mtx sf_lock; -} sf_freelist; - -static u_int sf_buf_alloc_want; - PMAP_STATS_VAR(uma_nsmall_alloc); PMAP_STATS_VAR(uma_nsmall_alloc_oc); PMAP_STATS_VAR(uma_nsmall_free); @@ -417,84 +387,7 @@ is_physical_memory(vm_paddr_t addr) return (0); } -/* - * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-)) - */ -static void -sf_buf_init(void *arg) -{ - struct sf_buf *sf_bufs; - vm_offset_t sf_base; - int i; - - nsfbufs = NSFBUFS; - TUNABLE_INT_FETCH("kern.ipc.nsfbufs", &nsfbufs); - - mtx_init(&sf_freelist.sf_lock, "sf_bufs list lock", NULL, MTX_DEF); - SLIST_INIT(&sf_freelist.sf_head); - sf_base = kva_alloc(nsfbufs * PAGE_SIZE); - sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, - M_NOWAIT | M_ZERO); - for (i = 0; i < nsfbufs; i++) { - sf_bufs[i].kva = sf_base + i * PAGE_SIZE; - SLIST_INSERT_HEAD(&sf_freelist.sf_head, &sf_bufs[i], free_list); - } - sf_buf_alloc_want = 0; -} - -/* - * Get an sf_buf from the freelist. Will block if none are available. - */ -struct sf_buf * -sf_buf_alloc(struct vm_page *m, int flags) -{ - struct sf_buf *sf; - int error; - - mtx_lock(&sf_freelist.sf_lock); - while ((sf = SLIST_FIRST(&sf_freelist.sf_head)) == NULL) { - if (flags & SFB_NOWAIT) - break; - sf_buf_alloc_want++; - SFSTAT_INC(sf_allocwait); - error = msleep(&sf_freelist, &sf_freelist.sf_lock, - (flags & SFB_CATCH) ? PCATCH | PVM : PVM, "sfbufa", 0); - sf_buf_alloc_want--; - - /* - * If we got a signal, don't risk going back to sleep. - */ - if (error) - break; - } - if (sf != NULL) { - SLIST_REMOVE_HEAD(&sf_freelist.sf_head, free_list); - sf->m = m; - nsfbufsused++; - nsfbufspeak = imax(nsfbufspeak, nsfbufsused); - pmap_qenter(sf->kva, &sf->m, 1); - } - mtx_unlock(&sf_freelist.sf_lock); - return (sf); -} - -/* - * Release resources back to the system. - */ void -sf_buf_free(struct sf_buf *sf) -{ - - pmap_qremove(sf->kva, 1); - mtx_lock(&sf_freelist.sf_lock); - SLIST_INSERT_HEAD(&sf_freelist.sf_head, sf, free_list); - nsfbufsused--; - if (sf_buf_alloc_want > 0) - wakeup(&sf_freelist); - mtx_unlock(&sf_freelist.sf_lock); -} - -void swi_vm(void *v) { Index: sys/sys/sf_buf.h =================================================================== --- sys/sys/sf_buf.h (revision 268750) +++ sys/sys/sf_buf.h (working copy) @@ -29,6 +29,114 @@ #ifndef _SYS_SF_BUF_H_ #define _SYS_SF_BUF_H_ +struct sfstat { /* sendfile statistics */ + uint64_t sf_iocnt; /* times sendfile had to do disk I/O */ + uint64_t sf_allocfail; /* times sfbuf allocation failed */ + uint64_t sf_allocwait; /* times sfbuf allocation had to wait */ +}; + +#ifdef _KERNEL +#include +#include +#include +#include +#include +#include + +#ifdef SFBUF +#if defined(SMP) && defined(SFBUF_CPUSET) +#include +#endif +#include + +struct sf_buf { + LIST_ENTRY(sf_buf) list_entry; /* list of buffers */ + TAILQ_ENTRY(sf_buf) free_entry; /* list of buffers */ + vm_page_t m; /* currently mapped page */ + vm_offset_t kva; /* va of mapping */ + int ref_count; /* usage of this mapping */ +#if defined(SMP) && defined(SFBUF_CPUSET) + cpuset_t cpumask; /* where mapping is valid */ +#endif +}; +#else /* ! SFBUF */ +struct sf_buf; +#endif /* SFBUF */ + +#ifndef SFBUF_NOMD +#include +#endif +#ifdef SFBUF_OPTIONAL_DIRECT_MAP +#include +#endif + +#ifdef SFBUF +struct sf_buf *sf_buf_alloc(struct vm_page *, int); +void sf_buf_free(struct sf_buf *); + +static inline vm_offset_t +sf_buf_kva(struct sf_buf *sf) +{ +#ifdef SFBUF_OPTIONAL_DIRECT_MAP + if (SFBUF_OPTIONAL_DIRECT_MAP) + return (VM_PAGE_TO_PHYS((vm_page_t)sf)); +#endif + + return (sf->kva); +} + +static inline vm_page_t +sf_buf_page(struct sf_buf *sf) +{ +#ifdef SFBUF_OPTIONAL_DIRECT_MAP + if (SFBUF_OPTIONAL_DIRECT_MAP) + return ((vm_page_t)sf); +#endif + + return (sf->m); +} + +#ifndef SFBUF_MAP +#include + +static inline void +sf_buf_map(struct sf_buf *sf, int flags) +{ + + pmap_qenter(sf->kva, &sf->m, 1); +} + +static inline int +sf_buf_unmap(struct sf_buf *sf) +{ + + return (0); +} +#endif /* SFBUF_MAP */ + +#if defined(SMP) && defined(SFBUF_CPUSET) +void sf_buf_shootdown(struct sf_buf *, int); +#endif + +#ifdef SFBUF_PROCESS_PAGE +boolean_t sf_buf_process_page(vm_page_t, void (*)(struct sf_buf *)); +#endif + +#else /* ! SFBUF */ + +static inline struct sf_buf * +sf_buf_alloc(struct vm_page *m, int pri) +{ + + return ((struct sf_buf *)m); +} + +static inline void +sf_buf_free(struct sf_buf *sf) +{ +} +#endif /* SFBUF */ + /* * Options to sf_buf_alloc() are specified through its flags argument. This * argument's value should be the result of a bitwise or'ing of one or more @@ -40,19 +148,6 @@ #define SFB_DEFAULT 0 #define SFB_NOWAIT 4 /* Return NULL if all bufs are used. */ -struct vm_page; - -struct sfstat { /* sendfile statistics */ - uint64_t sf_iocnt; /* times sendfile had to do disk I/O */ - uint64_t sf_allocfail; /* times sfbuf allocation failed */ - uint64_t sf_allocwait; /* times sfbuf allocation had to wait */ -}; - -#ifdef _KERNEL -#include -#include -#include - extern counter_u64_t sfstat[sizeof(struct sfstat) / sizeof(uint64_t)]; #define SFSTAT_ADD(name, val) \ counter_u64_add(sfstat[offsetof(struct sfstat, name) / sizeof(uint64_t)],\ --1yeeQ81UyVL57Vl7-- From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 08:33:26 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 864843B5; Sat, 19 Jul 2014 08:33:26 +0000 (UTC) Received: from mail143c7.megamailservers.com (mail745.megamailservers.com [69.49.98.55]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0F38824E2; Sat, 19 Jul 2014 08:33:24 +0000 (UTC) X-Authenticated-User: hurds.sasktel.net Received: from [192.168.0.33] (ip70-187-145-241.oc.oc.cox.net [70.187.145.241]) (authenticated bits=0) by mail143c7.megamailservers.com (8.13.6/8.13.1) with ESMTP id s6J8WviF001605; Sat, 19 Jul 2014 04:33:01 -0400 Message-ID: <53CA2D39.6000204@sasktel.net> Date: Sat, 19 Jul 2014 01:32:57 -0700 From: Stephen Hurd User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26 MIME-Version: 1.0 To: krad , Matt Bettinger Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> In-Reply-To: X-Enigmail-Version: 1.6.1_pre20140112 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-CTCH-RefID: str=0001.0A020207.53CA2D3E.0072, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0 X-CTCH-VOD: Unknown X-CTCH-Spam: Unknown X-CTCH-Score: 0.000 X-CTCH-Rules: X-CTCH-Flags: 0 X-CTCH-ScoreCust: 0.000 X-CSC: 0 X-CHA: v=2.1 cv=cZDr8BzM c=1 sm=1 tr=0 a=qWhSLQ/2FgUpSQgLv9E1tw==:117 a=qWhSLQ/2FgUpSQgLv9E1tw==:17 a=kviXuzpPAAAA:8 a=BDKbP5mgAAAA:8 a=zNQZm9IoAq8A:10 a=cQ5pcHtl6RgA:10 a=YxfxW3ofkq8A:10 a=IkcTkHD0fZMA:10 a=uhPMnebkAAAA:8 a=E3f3JUB3-kdayd4SlykA:9 a=QEXdDO2ut3YA:10 Cc: =?UTF-8?B?R2Vycml0IEvDvGhu?= , freebsd-current@freebsd.org, Gleb Smirnoff , FreeBSD Mailing List X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 08:33:26 -0000 krad wrote: > that is true and I have not problem using man pages, however thats not the > way most of the world work and search engines arent exactly new either. We > should be trying to engage more people not less, and part of that is > reaching out. One of FreeBSD's historic strengths has been the handbook and generally good quality documentation. There is no way that the FreeBSD project can ensure that all Google results for everyone in the world are FreeBSD related "good" documentation, but it can ensure that the documentation included with FreeBSD is accurate and usable, and it can ensure that the FreeBSD documentation is available via the internet. Aside from blindly following whatever generates the most Google results (an obviously broken solution), what exactly can the FreeBSD project do to ensure that when someone "Googles" a problem they will end up with a correct FreeBSD solution? From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 08:35:41 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 343374C9; Sat, 19 Jul 2014 08:35:41 +0000 (UTC) Received: from mail-oa0-x232.google.com (mail-oa0-x232.google.com [IPv6:2607:f8b0:4003:c02::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D8C4B24F4; Sat, 19 Jul 2014 08:35:40 +0000 (UTC) Received: by mail-oa0-f50.google.com with SMTP id g18so4796674oah.23 for ; Sat, 19 Jul 2014 01:35:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=9gKTRAQVc96yH3ikavmHLaOCRzH+BRJwT1ZaflNsWRk=; b=YxOuf/6FLCKE90ae2NqFBEmx7HGjxO0lUDjGgabamnZRE+s9z11ip4VnN1EOqnuBXa 0TrpUV2wvJuaWaMB0xo7QxWszWgmcXzS7Dvwm5jX7rFYG355AU7uIc2/Zg5tohEHvjx0 MjGeUjmSKMpdi7hlb8/dQIOLNmBETOtGPV8zka8YRQwwWKrWfsHNDAZlaz+dcBgl5PwI 5CU28YEORMGsJs3rUkI4dQ7/RBqeQdqBTRvQx5zeT1UwmalQxTQGFAdOzlaS0AY2xtNq yw+I/ILxZyvSsR/x/qqfiUGuHtiPy7RKXYsp+MbnVUe4z5vC2THWwIRGAGz2baIGTXH3 /lJw== MIME-Version: 1.0 X-Received: by 10.60.70.205 with SMTP id o13mr14479771oeu.38.1405758939926; Sat, 19 Jul 2014 01:35:39 -0700 (PDT) Received: by 10.76.170.39 with HTTP; Sat, 19 Jul 2014 01:35:39 -0700 (PDT) In-Reply-To: <53C9DAA1.4020006@bluerosetech.com> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <53C9DAA1.4020006@bluerosetech.com> Date: Sat, 19 Jul 2014 10:35:39 +0200 Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Andreas Nilsson To: Darren Pilgrim Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Gleb Smirnoff , Mailinglists FreeBSD , Current FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 08:35:41 -0000 On Sat, Jul 19, 2014 at 4:40 AM, Darren Pilgrim < list_freebsd@bluerosetech.com> wrote: > On 7/18/2014 4:06 AM, Gleb Smirnoff wrote: > >> K> b) We are a major release away from OpenBSD (5.6 coming soon) - is >> K> following OpenBSD's pf the past? - should it be? >> >> Following OpenBSD on features would be cool, but no bulk imports >> would be made again. Bulk imports produce bad quality of port, >> and also pf in OpenBSD has no multi thread support. >> > > I would much rather have a slower pf that actually supports modern > networking than a faster one I can't use due to showstopper flaws and > missing features. > So would I. Not that we use pf, but anyway. > > There is currently no viable firewall module for FreeBSD if you want to do > things like route IPv6. Isn't that possible with ipfw? Perhaps the pf guys in OpenBSD could be convinced to start openpf and have porting layer as in openzfs. Best regards Andreas From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 11:06:57 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B964C445; Sat, 19 Jul 2014 11:06:57 +0000 (UTC) Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 260132224; Sat, 19 Jul 2014 11:06:57 +0000 (UTC) Received: by mail-wg0-f46.google.com with SMTP id m15so4501716wgh.29 for ; Sat, 19 Jul 2014 04:06:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=/8BiYi7yLJZv1Vg4s6fd9c0YBfUeNSx4l8AVPPh6pcc=; b=j0QZyrhYhiaVawUBETC2aPyrUCR0rVMuq1eGzdb/pHB5LHza4Hr1vwxE0vXNQKzf2m VnE5oGRQOSELIIzbomXT9YX/L1jPuQ7ksBArpp/AdFA+7Uni1T2X+JPvVqD2Pxvd4R/a 43tkSAnIwllcD9mZ0QVvqGjFWfKCoWVH0tbcpJfb1+NOJdDYRgwVxS1T40CJcCA9TolK 8U9LrGNpx2exuWExtmcngkvfyfkJqKqbm+05lB5OYzLys14yvVHnnAO/ETzbflKAKCbL lignfxunkm258J7RqhbaczklahDcd34llVIHlBCszcRYpbNIUGK8r6A+RGwFF4rvVfVA E3XA== X-Received: by 10.180.94.5 with SMTP id cy5mr15515158wib.11.1405768015392; Sat, 19 Jul 2014 04:06:55 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id cx5sm21247142wjb.8.2014.07.19.04.06.53 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 19 Jul 2014 04:06:54 -0700 (PDT) Sender: Baptiste Daroussin Date: Sat, 19 Jul 2014 13:06:52 +0200 From: Baptiste Daroussin To: Allan Jude Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <20140719110652.GR28314@ivaldir.etoilebsd.net> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> <53C973EA.5090104@freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="QFliEIXSSz7hGqqc" Content-Disposition: inline In-Reply-To: <53C973EA.5090104@freebsd.org> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: freebsd-current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 11:06:57 -0000 --QFliEIXSSz7hGqqc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 18, 2014 at 03:22:18PM -0400, Allan Jude wrote: > On 2014-07-18 15:07, Adrian Chadd wrote: > > On 18 July 2014 07:34, krad wrote: > >> that is true and I have not problem using man pages, however thats not= the > >> way most of the world work and search engines arent exactly new either= =2E We > >> should be trying to engage more people not less, and part of that is > >> reaching out. > >=20 > > Then do the port and maintain it. > >=20 > > The problem isn't the desire to keep things up to date, it's a lack of > > people who want that _and_ are willing/able to do it _and_ are funded > > somehow. > >=20 > > So, please step up! We'll all love you for it. > >=20 > >=20 > >=20 > > -a > > _______________________________________________ > > freebsd-current@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-current > > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.o= rg" > >=20 >=20 > At vBSDCon Bapt@ volunteered to port the newer pf back to FreeBSD, after > spending some hours driving with Henning. I tried and broke pf for month and my changes have been reverted, this is n= ot as simple as it looks like, our code as diverge a lot in some part and we do support things that openbsd does not (vimage). Sync features requires us to be very careful, my priorities went elsewhere since that time, so now I will probably only focus on bringing features I care about, and not the entirely= new pf. So no do not count me as volunteer to maintain pf, I ll probably do some wo= rk but not a full sync. Bapt --QFliEIXSSz7hGqqc Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlPKUUwACgkQ8kTtMUmk6ExNKwCfUC870kutCHGAKJtIZk4IbeMW kAUAn2qSmzTVy9GUlsElafZyvdzcyPHk =gs2Z -----END PGP SIGNATURE----- --QFliEIXSSz7hGqqc-- From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 13:50:21 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 18A5D131; Sat, 19 Jul 2014 13:50:21 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A13C22D75; Sat, 19 Jul 2014 13:50:20 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id e0d4d130; Sat, 19 Jul 2014 08:50:09 -0500 (CDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=feld.me; h=content-type :mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:sender; s= blargle2; bh=QEgcu/04F1wFELogP+s5/zHBMA8=; b=qlGWoMhuRyJFymBnXFe CzaJ7fIq7rScooaZlNDj/0bcyyFhdKxnuqZO8XwGYMWfU7aoUadQnayUMhhpXAWM j5EqJpDd0p//PCZUdGm/QzMODiPQeQzVtBLk7bW5eMzj3uWqWVofxSDN4NYKdUQ5 2i/XE/1dL0ZdcBWXk+lLfbMF2MFxTmvjZacE4jVWV5Ent7q5lvA/cS7hycMIJsxK O5GsXzl/QMcy7wZjOOGlrUmEntbVoqMteAUWtAPxSDoXmIsbP9QLzYlO+4qnn15w L+62JViBlsKTwZ702qpZt+gMlb+yaEOpbIeYVIpzhXinImTrGCzghG0AFGUKSjD9 RuA== DomainKey-Signature: a=rsa-sha1; c=nofws; d=feld.me; h=content-type :mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:sender; q= dns; s=blargle2; b=hN550qsLqzesS2i3ni5HKUu5s/M7sgq+2h+mfXa5HTPnD X3GscAe+6iM7FWI7y6bH4RiqUJ7+waDdLj4fkIuN7up2VtBUThUmh8vEdvbtO/nU pvo+2GD6Qa9OBR0JHq6d0zCRB590pHOUMazXIPcbXJop5y8z/Qe2paeCRlHE0WxX V6QsipzGYCmDgcpRM5EK6vqtLdDgc3De+CJsXatF45JJqnMWyrTtRkoXwPKGDvZ+ bz8kRR4AXyP4KDUVVoLyS0HYUCGG1PLQqfimSSq7hPXcRy34GvN4rAcfBIH3eMac 3z6mHRPzEpMXVNIFXsJPwjcvWCnFQ/DfMjRltlhvg== Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id 1c3fb8b0; Sat, 19 Jul 2014 08:50:09 -0500 (CDT) Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with esmtpa id 1405777808-5784-5781/5/2; Sat, 19 Jul 2014 13:50:08 +0000 Content-Type: text/plain Mime-Version: 1.0 Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Mark Felder In-Reply-To: Date: Sat, 19 Jul 2014 08:50:06 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <8E7D9358-29BA-48F9-9067-1BBA48470673@FreeBSD.org> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <53C9DAA1.4020006@bluerosetech.com> To: Andreas Nilsson X-Mailer: Apple Mail (2.1878.6) Sender: feld@feld.me Cc: Gleb Smirnoff , Darren Pilgrim , Current FreeBSD , Mailinglists FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 13:50:21 -0000 On Jul 19, 2014, at 3:35, Andreas Nilsson wrote: > On Sat, Jul 19, 2014 at 4:40 AM, Darren Pilgrim < > list_freebsd@bluerosetech.com> wrote: >=20 >> On 7/18/2014 4:06 AM, Gleb Smirnoff wrote: >>=20 >>> K> b) We are a major release away from OpenBSD (5.6 coming soon) - is >>> K> following OpenBSD's pf the past? - should it be? >>>=20 >>> Following OpenBSD on features would be cool, but no bulk imports >>> would be made again. Bulk imports produce bad quality of port, >>> and also pf in OpenBSD has no multi thread support. >>>=20 >>=20 >> I would much rather have a slower pf that actually supports modern >> networking than a faster one I can't use due to showstopper flaws and >> missing features. >>=20 >=20 > So would I. Not that we use pf, but anyway. >=20 >>=20 >> There is currently no viable firewall module for FreeBSD if you want = to do >> things like route IPv6. >=20 >=20 > Isn't that possible with ipfw? >=20 > Perhaps the pf guys in OpenBSD could be convinced to start openpf and = have > porting layer as in openzfs. >=20 I do not know ipfw IPv6 limitations, but the Wikipedia article says: * IPv6 support (with several limitations) Choice is nice, but I would like to see the project promote one firewall = to users. My coworkers long ago jumped ship from ipfw to pf and I know = regret that decision due to the IPv6 bugs. At this point it's too hard = to migrate all the servers off of pf. From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 16:08:15 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3D4B1D0E; Sat, 19 Jul 2014 16:08:15 +0000 (UTC) Received: from mail.0x20.net (mail.0x20.net [217.69.76.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95F312753; Sat, 19 Jul 2014 16:08:14 +0000 (UTC) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id 9D5EC6A6005; Sat, 19 Jul 2014 18:08:10 +0200 (CEST) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.7/8.14.7) with ESMTP id s6JG8A6t024494; Sat, 19 Jul 2014 18:08:10 +0200 (CEST) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.7/8.14.7/Submit) id s6JG89x0023382; Sat, 19 Jul 2014 18:08:09 +0200 (CEST) (envelope-from lars) Date: Sat, 19 Jul 2014 18:08:09 +0200 From: Lars Engels To: Adrian Chadd Subject: [PATCHES] Extend service(8) and rc(8) was: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? Message-ID: <20140719160809.GU96250@e-new.0x20.net> Mail-Followup-To: Lars Engels , Adrian Chadd , Andreas Nilsson , Navdeep Parhar , Craig Rodrigues , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports , freebsd-rc@freebsd.org References: <53C82EC4.8060304@gmail.com> <20140718142835.GF96250@e-new.0x20.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ElEgulhWJDonIdTi" Content-Disposition: inline In-Reply-To: X-Editor: VIM - Vi IMproved 7.4 X-Operation-System: FreeBSD 8.4-RELEASE-p4 User-Agent: Mutt/1.5.23 (2014-03-12) Cc: Craig Rodrigues , freebsd-rc@freebsd.org, ports , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , Andreas Nilsson , Navdeep Parhar X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 16:08:15 -0000 --ElEgulhWJDonIdTi Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 18, 2014 at 12:10:34PM -0700, Adrian Chadd wrote: > Hi! >=20 >=20 > On 18 July 2014 07:28, Lars Engels wrote: > > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: > >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar w= rote: > >> > >> > On 07/17/14 13:12, Adrian Chadd wrote: > >> > > On 17 July 2014 13:03, Alberto Mijares wrote: > >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd > >> > wrote: > >> > >>> Hi! > >> > >>> > >> > >>> 3) The binary packages need to work out of the box > >> > >>> 4) .. which means, when you do things like pkg install apache, it > >> > >>> can't just be installed and not be enabled, because that's a bit= of a > >> > >>> problem; > >> > >> > >> > >> > >> > >> No. Please NEVER do that! The user must be able to edit the files= and > >> > >> start the service by himself. > >> > > > >> > > Cool, so what's the single line command needed to type in to start= a > >> > > given package service? > >> > > >> > Aren't sysrc(8) and service(8) for this kind of stuff? > >> > > >> > >> They sure are. > >> > >> Well, pkg install $service ; sysrc ${service}_enable=3D"YES" would do. > >> Although some services have different names than the packge, which is = sort > >> of annoying. > > > > I hacked up a solution for service(8): > > > > http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch > > > > The patch adds the following directives to service(8): > > > > enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=3DY= ES" > > disable: The opposite of enable > > rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using > > "sysrc -x foo_enable" > > > > The nice thing about is that you can use one of the new directives on > > one line with the old ones, as long as the new are the first argument: > > > > # service syslogd enable > > # service apache24 disable stop > > # service apache24 rcdelete stop > > # service nginx enable start > > > > > > So after installing a package, to start and enable a daemon permanently > > all you have to run is > > # service foo enable start > > > > Lars > > > > P.S.: Thansk to Devin for his hard work on sysrc! >=20 > Having a way for sysrc and service to know what particular options and > services are exposed by a given package or installed "thing" would be > nice. Right now the namespace is very flat and it's not obvious in all > instances what needs to happen to make it useful and what the options > are. >=20 > "Oh, hm, I'd like to know what options there are for controlling the > installed apache24 package, let's see"... >=20 > I remember IRIX having that command to list services, stop them and > start them, configure them enabled and disabled. Solaris grew > something like that with Solaris 10 and after the initial learning > curve it was great. Hving something like that would be 100% awesome. I've updated the patch and extended it a little: https://phabric.freebsd.org/D451 It can now print the rc options for a service. It needs however to have the options listed as comments between the KEYWORDS section and the sourcing of /etc/rc.subr. And I've made some changes to rc.subr itself: https://phabric.freebsd.org/D452 So now you can use # service sshd describe Secure Shell Daemon and # service sshd extracommands configtest keygen reload Sorry for the mess in phabricator's SUMMARY. I will learn the markup syntax later... Lars --ElEgulhWJDonIdTi Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQF8BAEBCgBmBQJTypfpXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjQwMDE3RTRERjUzMTI1N0FGRTUxNDlF NTRDQjM3RDNBMDg5RDZEAAoJEOVMs306CJ1twRoH/jnqPDvSF3PxNhIqJPM9zmaa afViSj5ONY67Y1KsU39vZcM0eqfCSYWoPlZXB93Cj5mK01BcdaxDDMYOrNhx2rwT dq4ZRzYbtuCKNIrwkCqBrLHUmlzGoRP1txv9fpX/skAVN1Ftf9DcDZHsw+CoLbfI DrxeVu0OnTNqX6SjqeY/cEjgcmC2uUEpk4os7axaY5PDmGkmxfeHD0gWMazOqrJT /4G1C7WBBdyNJrGI9D1Llfk76IuVZicy9uj9BXpp6CeVL+sFt48F+DRzOpdx+sIM DwcEOItw6MI6cD4kV59+/3OhiB4dws2ZYI5mNl2jmXm9jVwAmrk/4Ip1nVytNFs= =ij8V -----END PGP SIGNATURE----- --ElEgulhWJDonIdTi-- From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 19:56:44 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3FDC6BAE; Sat, 19 Jul 2014 19:56:44 +0000 (UTC) Received: from mail-qa0-x22d.google.com (mail-qa0-x22d.google.com [IPv6:2607:f8b0:400d:c00::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3F8A72935; Sat, 19 Jul 2014 19:56:43 +0000 (UTC) Received: by mail-qa0-f45.google.com with SMTP id cm18so3909063qab.4 for ; Sat, 19 Jul 2014 12:56:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=N9f9rWoHVKJDOpFI/JymFxXkffO4Xe3MkhRqycxthLI=; b=Wu7VIef+qaAJjPfGMmzMkJyJTNzwgTjVdueJpG4iJwPyHHINBY6NOSnO3NtWPfNseY hT4/QjZvKjF8L+mm+2xoMTR7mUSEAOc9q13AznS/aYwXfayRR7S/hNNmPxChwjvSg+kh EIn41Tq8GBSfy1Q9ovTEwYWYp+hBGNfsCPDot8T4yRbzfrrsjhP5KhOtErd+dJIQp7Ov Y3nJBFAc3hT12vsYklOg9EeoX32e1xF9d2tcg6GFU6cqYfc6syzbZufn/AbWaN3D4Sef BrmKv6pVMPo8u4PFaXxeU2VIWWnfBdKV1+CSA7HchrUQg6woqkzzLBL4K6KiXjCK2+VK D3Kg== MIME-Version: 1.0 X-Received: by 10.224.55.131 with SMTP id u3mr6888928qag.98.1405799802382; Sat, 19 Jul 2014 12:56:42 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.1.6 with HTTP; Sat, 19 Jul 2014 12:56:42 -0700 (PDT) In-Reply-To: <20140719160809.GU96250@e-new.0x20.net> References: <53C82EC4.8060304@gmail.com> <20140718142835.GF96250@e-new.0x20.net> <20140719160809.GU96250@e-new.0x20.net> Date: Sat, 19 Jul 2014 12:56:42 -0700 X-Google-Sender-Auth: PDfK75sIuDebJ6pOReNsY4AUKBA Message-ID: Subject: Re: [PATCHES] Extend service(8) and rc(8) was: Re: HOWTO articles for migrating from Linux to FreeBSD, especially for pkg? From: Adrian Chadd To: Lars Engels , Adrian Chadd , Andreas Nilsson , Navdeep Parhar , Craig Rodrigues , freebsd-doc@freebsd.org, Alberto Mijares , freebsd-current Current , ports , freebsd-rc@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Sat, 19 Jul 2014 20:55:34 +0000 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 19:56:44 -0000 Hi! I like it! It's a useful command line API. Eventually people will realise there needs to be a more formal method for describing/controlling the underlying framework, but I leave that up to bapt to figure out and .. well, push people to do. :) Thanks! -a On 19 July 2014 09:08, Lars Engels wrote: > On Fri, Jul 18, 2014 at 12:10:34PM -0700, Adrian Chadd wrote: >> Hi! >> >> >> On 18 July 2014 07:28, Lars Engels wrote: >> > On Thu, Jul 17, 2014 at 10:21:17PM +0200, Andreas Nilsson wrote: >> >> On Thu, Jul 17, 2014 at 10:15 PM, Navdeep Parhar wrote: >> >> >> >> > On 07/17/14 13:12, Adrian Chadd wrote: >> >> > > On 17 July 2014 13:03, Alberto Mijares wrote: >> >> > >> On Thu, Jul 17, 2014 at 2:58 PM, Adrian Chadd >> >> > wrote: >> >> > >>> Hi! >> >> > >>> >> >> > >>> 3) The binary packages need to work out of the box >> >> > >>> 4) .. which means, when you do things like pkg install apache, it >> >> > >>> can't just be installed and not be enabled, because that's a bit of a >> >> > >>> problem; >> >> > >> >> >> > >> >> >> > >> No. Please NEVER do that! The user must be able to edit the files and >> >> > >> start the service by himself. >> >> > > >> >> > > Cool, so what's the single line command needed to type in to start a >> >> > > given package service? >> >> > >> >> > Aren't sysrc(8) and service(8) for this kind of stuff? >> >> > >> >> >> >> They sure are. >> >> >> >> Well, pkg install $service ; sysrc ${service}_enable="YES" would do. >> >> Although some services have different names than the packge, which is sort >> >> of annoying. >> > >> > I hacked up a solution for service(8): >> > >> > http://bsd-geek.de/FreeBSD/service.sh.enable-disable.patch >> > >> > The patch adds the following directives to service(8): >> > >> > enable: Grabs an rc script's rcvar value and runs "sysrc foo_enable=YES" >> > disable: The opposite of enable >> > rcdelete: Deletes an rc script's rcvar value from /etc/rc.conf using >> > "sysrc -x foo_enable" >> > >> > The nice thing about is that you can use one of the new directives on >> > one line with the old ones, as long as the new are the first argument: >> > >> > # service syslogd enable >> > # service apache24 disable stop >> > # service apache24 rcdelete stop >> > # service nginx enable start >> > >> > >> > So after installing a package, to start and enable a daemon permanently >> > all you have to run is >> > # service foo enable start >> > >> > Lars >> > >> > P.S.: Thansk to Devin for his hard work on sysrc! >> >> Having a way for sysrc and service to know what particular options and >> services are exposed by a given package or installed "thing" would be >> nice. Right now the namespace is very flat and it's not obvious in all >> instances what needs to happen to make it useful and what the options >> are. >> >> "Oh, hm, I'd like to know what options there are for controlling the >> installed apache24 package, let's see"... >> >> I remember IRIX having that command to list services, stop them and >> start them, configure them enabled and disabled. Solaris grew >> something like that with Solaris 10 and after the initial learning >> curve it was great. Hving something like that would be 100% awesome. > > I've updated the patch and extended it a little: > > https://phabric.freebsd.org/D451 > > It can now print the rc options for a service. > It needs however to have the options listed as comments between the > KEYWORDS section and the sourcing of /etc/rc.subr. > > > And I've made some changes to rc.subr itself: > > https://phabric.freebsd.org/D452 > > So now you can use > > # service sshd describe > Secure Shell Daemon > > and > > # service sshd extracommands > configtest keygen reload > > > Sorry for the mess in phabricator's SUMMARY. I will learn the markup > syntax later... > > > Lars From owner-freebsd-current@FreeBSD.ORG Sat Jul 19 23:54:51 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E1F9DAFE; Sat, 19 Jul 2014 23:54:51 +0000 (UTC) Received: from mail-pa0-x230.google.com (mail-pa0-x230.google.com [IPv6:2607:f8b0:400e:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A45BE2AE0; Sat, 19 Jul 2014 23:54:51 +0000 (UTC) Received: by mail-pa0-f48.google.com with SMTP id et14so7539856pad.35 for ; Sat, 19 Jul 2014 16:54:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=+wRvSZP+qP464DuFKOk6jKLAvAdDgyn24FfM7RspSd8=; b=R5R2PXr2PhkmCTrLxAueQzd8HkXqooFclxY7JJ4VRlJGW05HTNH8VzLGqlmconcXc/ HBGQQW0xI6lWpDiP+hrUHjfnd4j8cnW9ZBi/2JD1h3nrObEPvoSUPyhfvOotCumbx1MI YSTD0LkM5jGEKW0aCqV6Hm3QZPUwFggt92q9fd7sG81g6d8fECIG4Xb1lzcQ7TmzeVJi dUUvQhMJ05de+AeajODFzL376NsGwqdyXDk3oarjqeT+e+r9EIE7+Fk7VqRQKVrlv1+D 9TS87uKW9dUKOpmOGGfpNbE+Upc3S0Xt57ZUsYxoh6Uuq5A02HgRoZjnsZbaXJnsMoKS qPOQ== MIME-Version: 1.0 X-Received: by 10.70.100.131 with SMTP id ey3mr15061679pdb.60.1405814091095; Sat, 19 Jul 2014 16:54:51 -0700 (PDT) Sender: kob6558@gmail.com Received: by 10.66.88.227 with HTTP; Sat, 19 Jul 2014 16:54:50 -0700 (PDT) In-Reply-To: <8E7D9358-29BA-48F9-9067-1BBA48470673@FreeBSD.org> References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <53C9DAA1.4020006@bluerosetech.com> <8E7D9358-29BA-48F9-9067-1BBA48470673@FreeBSD.org> Date: Sat, 19 Jul 2014 16:54:50 -0700 X-Google-Sender-Auth: 6coVMr44UhW_ofTMas96O2ds5ao Message-ID: Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Kevin Oberman To: Mark Felder Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Mailinglists FreeBSD , Gleb Smirnoff , Darren Pilgrim , Andreas Nilsson , Current FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 23:54:52 -0000 On Sat, Jul 19, 2014 at 6:50 AM, Mark Felder wrote: > > On Jul 19, 2014, at 3:35, Andreas Nilsson wrote: > > > On Sat, Jul 19, 2014 at 4:40 AM, Darren Pilgrim < > > list_freebsd@bluerosetech.com> wrote: > > > >> On 7/18/2014 4:06 AM, Gleb Smirnoff wrote: > >> > >>> K> b) We are a major release away from OpenBSD (5.6 coming soon) - is > >>> K> following OpenBSD's pf the past? - should it be? > >>> > >>> Following OpenBSD on features would be cool, but no bulk imports > >>> would be made again. Bulk imports produce bad quality of port, > >>> and also pf in OpenBSD has no multi thread support. > >>> > >> > >> I would much rather have a slower pf that actually supports modern > >> networking than a faster one I can't use due to showstopper flaws and > >> missing features. > >> > > > > So would I. Not that we use pf, but anyway. > > > >> > >> There is currently no viable firewall module for FreeBSD if you want to > do > >> things like route IPv6. > > > > > > Isn't that possible with ipfw? > > > > Perhaps the pf guys in OpenBSD could be convinced to start openpf and > have > > porting layer as in openzfs. > > > > I do not know ipfw IPv6 limitations, but the Wikipedia article says: > > * IPv6 support (with several limitations) > > > Choice is nice, but I would like to see the project promote one firewall > to users. My coworkers long ago jumped ship from ipfw to pf and I know > regret that decision due to the IPv6 bugs. At this point it's too hard to > migrate all the servers off of pf. > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" > I believe that this is obsolete, at least with 10. It certainly used to be the case in older versions. I suspect the improved ipfw is now in 9.3 and perhaps even 8.4, but I can't swear to it. I do know that the 10.0 version broke several of my firewall rules which would have made back-porting to older versions unacceptable but I believe that this is no longer the case. Some IPv6 specific keywords had been eliminated, but I think that they are all back in place, now. No longer required, but there for compatibility. The last feature I am aware of that lacked ipv6 support was tables. If any more exist, they are subtle and I have not hit hem to this point. -- R. Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com